Dobré odpoledne, moc bych poprosil o kontrolu logu. Díky moc.
// Jenom abych to doplnil. Žena měla výborný nápad, že si nainstaluje na notebook MS Office a protože ji nešel aktivovat přes fakultu, tak stáhla nějaký crack, zřejmě ruské provenience.
Takže jsem to odinstaloval, projel pomocí mbam kde bylo cca 60 nálezů a poslal log. Teď tam má oficiální Office s licencí od fakulty, kde vyučuje.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-10-2022 02
Ran by musil (administrator) on TEREZKA-MUSILOV (HP HP EliteBook 855 G7 Notebook PC) (03-11-2022 16:33:30)
Running from C:\Users\musil\OneDrive\Plocha
Loaded Profiles: musil
Platform: Microsoft Windows 10 Pro Education Version 21H2 19044.2130 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0382887.inf_amd64_c0c8f96c746954a2\B382882\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382887.inf_amd64_c0c8f96c746954a2\B382882\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0382887.inf_amd64_c0c8f96c746954a2\B382882\atiesrxx.exe
(services.exe ->) (Bromium, Inc. -> HP) C:\Program Files\HP\Security Update Service\4.3.0.1811\SecurityUpdateService.exe
(services.exe ->) (DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_c33d3226824e4250\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_96504635f974b562\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_96504635f974b562\RtkAudUService64.exe [3495272 2022-07-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\musil\AppData\Local\Microsoft\Teams\Update.exe [2454240 2022-11-03] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-949278216-457431651-1449700313-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [820960 2022-05-31] (OpenVPN Inc. -> )
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\us015 Langmon: C:\windows\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
Lsa: [Notification Packages] DPPassFilter scecli
Policies: c:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {27FD1261-CC06-44B2-8E41-48313BFFA339} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33E53AE6-BA18-4E23-931E-3C2B86C78B41} - System32\Tasks\Opera scheduled Autoupdate 1612351560 => C:\Users\musil\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {386B6EAB-3E49-4E4B-8A91-0A5AFC1DBD0E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {42E04C9F-C2BF-4A8B-B476-C7F7FD813782} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-31] (Advanced Micro Devices, Inc.) [File not signed]
Task: {51CB3590-2456-4BCD-852F-5C0D58BA4D49} - System32\Tasks\Opera scheduled assistant Autoupdate 1612351568 => C:\Users\musil\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\musil\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9D6B6404-A276-46DE-A8ED-EA1D9039AC63} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-949278216-457431651-1449700313-1001 => C:\Users\musil\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {A7B86A59-C2F4-411F-BED6-96DB2EEF93A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AD482DD8-BABD-49FA-B60A-080A5F0E2D27} - System32\Tasks\Opera scheduled Autoupdate 1667487658 => C:\Users\musil\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {AFB8624A-B335-4238-85CD-9407719CC56C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B16A6F8B-B648-4617-A559-C8D81B901A05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C357BD13-7B3F-40B1-98E3-BDD2CBF50B29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MpCmdRun.exe [1567336 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C83CF624-B3C4-47C0-A4DD-8F6610BA8EC4} - System32\Tasks\CCleanerSkipUAC - musil => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C9C5F910-2F07-4200-BF06-C20E25706045} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1627648 2020-07-31] (Advanced Micro Devices, Inc.) [File not signed]
Task: {CEB549DE-2331-4583-8971-230033BC795B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {D7E33217-62EC-4EA7-BFBF-FC3A4BF5925C} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {F1020E02-E43D-4D48-BB41-38F7EC45B9DC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {F8D0C2E2-4506-4E72-A03A-57AE39166EFF} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {FE43ADE8-E5CC-4301-9278-7FBD6CE2EE7E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "00364b1b-b745-4bed-a2d1-c38a5953a4d7" --version "6.05.10110" --silent
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f0e21c73-fb45-47db-949c-52e5ef3dc74c}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\musil\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-03]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]
FireFox:
========
FF DefaultProfile: 8eggo6av.default
FF DefaultProfile: vxzdkdg4.default
FF ProfilePath: C:\Users\musil\AppData\Roaming\Zotero\Zotero\Profiles\8eggo6av.default [2022-11-03]
FF ProfilePath: C:\Users\musil\AppData\Roaming\Mozilla\Firefox\Profiles\vxzdkdg4.default [2022-11-03]
FF Extension: (New tab with poshukach.com search) - C:\Users\musil\AppData\Roaming\Mozilla\Firefox\Profiles\vxzdkdg4.default\Extensions\{5737b515-9d7d-44ca-bbe3-e2e15bec0d4f}.xpi [2022-11-03]
FF ProfilePath: C:\Users\musil\AppData\Roaming\Mozilla\Firefox\Profiles\9ip0k7t9.default-release [2022-11-03]
FF Homepage: Mozilla\Firefox\Profiles\9ip0k7t9.default-release -> hxxps://www.google.com/
FF Session Restore: Mozilla\Firefox\Profiles\9ip0k7t9.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\9ip0k7t9.default-release -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (uBlock Origin) - C:\Users\musil\AppData\Roaming\Mozilla\Firefox\Profiles\9ip0k7t9.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-03-15]
FF Extension: (New tab with poshukach.com search) - C:\Users\musil\AppData\Roaming\Mozilla\Firefox\Profiles\9ip0k7t9.default-release\Extensions\{5737b515-9d7d-44ca-bbe3-e2e15bec0d4f}.xpi [2022-11-03]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\musil\AppData\Local\Google\Chrome\User Data\Default [2022-11-03]
CHR Notifications: Default -> hxxps://jimezdrave.cz; hxxps://meet.google.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR Session Restore: Default -> is enabled.
CHR Extension: (uBlock Origin) - C:\Users\musil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-10-03]
CHR Extension: (Zotero Connector) - C:\Users\musil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2022-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\musil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\musil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [530136 2020-04-11] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R2 FMAPOService; C:\windows\System32\FMService64.exe [350008 2020-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe [1556592 2022-06-14] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\DiagsCap.exe [785888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_708a715d015f867d\x64\SysInfoCap.exe [786376 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_c33d3226824e4250\x64\TouchpointAnalyticsClientService.exe [493664 2022-09-28] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe [602224 2022-06-14] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-11-03] (Malwarebytes Inc. -> Malwarebytes)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64736 2022-05-31] (OpenVPN Inc. -> The OpenVPN Project)
R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.3.0.1811\SecurityUpdateService.exe [6394328 2021-03-03] (Bromium, Inc. -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14283048 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\windows\System32\drivers\amdfendrmgr.sys [54720 2022-09-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\windows\System32\DriverStore\FileRepository\u0382887.inf_amd64_c0c8f96c746954a2\B382882\amdkmdag.sys [94378872 2022-09-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-15] (HP Inc. -> HP Inc.)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [223176 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [21480 2022-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239544 2022-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsleec58ec5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{610170DB-C2E9-45E8-B0A6-789DACCDD0A4}\MpKslDrv.sys [228632 2022-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 SynStykFilterHID; C:\windows\System32\drivers\SynTP.sys [810952 2021-09-02] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\windows\System32\drivers\tap0901.sys [39920 2022-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [49616 2022-11-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [469280 2022-11-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-01] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\windows\System32\drivers\wintun.sys [38176 2022-10-13] (WireGuard LLC -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 ax_pvi; \??\C:\Program Files\HP\Sure Click\bin\ax_pvi.sys [X]
S3 uxen; \??\C:\Program Files\HP\Sure Click\bin\uxen.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-03 16:33 - 2022-11-03 16:33 - 000000000 ____D C:\FRST
2022-11-03 16:30 - 2022-11-03 16:30 - 000000000 ____D C:\Program Files (x86)\KMS_VL_ALL_AIO
2022-11-03 16:29 - 2022-11-03 16:29 - 000912692 _____ C:\Users\musil\OneDrive\Dokumenty\cc_20221103_162945.reg
2022-11-03 16:28 - 2022-11-03 16:28 - 000003472 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2022-11-03 16:28 - 2022-11-03 16:28 - 000000760 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2022-11-03 16:25 - 2022-11-03 16:25 - 000223176 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2022-11-03 16:21 - 2022-11-03 16:21 - 000000000 ____D C:\KVRT2020_Data
2022-11-03 16:15 - 2022-11-03 16:16 - 104809024 _____ (AO Kaspersky Lab) C:\Users\musil\Downloads\KVRT.exe
2022-11-03 16:13 - 2022-11-03 16:13 - 000239544 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2022-11-03 16:13 - 2022-11-03 16:13 - 000158640 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2022-11-03 16:13 - 2022-11-03 16:13 - 000021480 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2022-11-03 16:13 - 2022-11-03 16:13 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-03 16:13 - 2022-11-03 16:13 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-03 16:11 - 2022-11-03 16:11 - 008791352 _____ (Malwarebytes) C:\Users\musil\Downloads\adwcleaner(1).exe
2022-11-03 16:11 - 2022-11-03 16:11 - 002632256 _____ (Malwarebytes) C:\Users\musil\Downloads\MBSetup-37335.37335.exe
2022-11-03 16:07 - 2022-11-03 16:11 - 000000004 _____ C:\ProgramData\rc.dat
2022-11-03 16:06 - 2022-11-03 16:11 - 000000004 _____ C:\ProgramData\lock.dat
2022-11-03 16:06 - 2022-11-03 16:06 - 000000008 _____ C:\ProgramData\ts.dat
2022-11-03 16:06 - 2022-11-03 16:06 - 000000004 _____ C:\ProgramData\lir.bats
2022-11-03 16:01 - 2022-11-03 16:20 - 000000000 __SHD C:\ProgramData\IntelToolSkits
2022-11-03 16:01 - 2022-11-03 16:07 - 000000000 ____D C:\Users\musil\AppData\Local\Opera Software
2022-11-03 16:01 - 2022-11-03 16:01 - 000004210 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1667487658
2022-11-03 16:01 - 2022-11-03 16:01 - 000000000 ____D C:\windows\system32\Tasks\Windows
2022-11-03 16:00 - 2022-11-03 16:20 - 000000000 ____D C:\Users\musil\AppData\Roaming\mfGcAQ4IpMS
2022-11-03 16:00 - 2022-11-03 16:20 - 000000000 ____D C:\Users\musil\AppData\Roaming\L1ZCB1
2022-11-03 16:00 - 2022-11-03 16:20 - 000000000 ____D C:\Users\musil\AppData\Roaming\786UKVsE3
2022-11-03 16:00 - 2022-11-03 16:20 - 000000000 ____D C:\ProgramData\FileOptimizer
2022-11-03 16:00 - 2022-11-03 16:20 - 000000000 ____D C:\ProgramData\DiskOptimizer
2022-11-03 16:00 - 2022-11-03 16:07 - 000000000 ____D C:\Program Files (x86)\PFM Disk Master
2022-11-03 16:00 - 2022-11-03 16:00 - 016873971 _____ C:\Users\musil\OneDrive\Dokumenty\kms_auto-zip
2022-11-03 16:00 - 2022-11-03 16:00 - 000000014 _____ C:\ProgramData\backup.txt
2022-11-03 15:59 - 2022-11-03 16:04 - 000000000 ____D C:\Program Files (x86)\Disk Tools
2022-11-03 15:58 - 2022-11-03 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-11-03 15:40 - 2022-11-03 15:40 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2022-11-03 15:40 - 2022-11-03 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-11-03 15:39 - 2022-11-03 15:39 - 000000000 ____D C:\Users\musil\AppData\Roaming\Teams
2022-11-03 15:38 - 2022-11-03 15:39 - 000000000 ____D C:\Users\musil\AppData\Local\SquirrelTemp
2022-11-03 15:36 - 2022-11-03 15:36 - 000000000 ____D C:\Users\musil\AppData\Local\Yandex
2022-11-03 15:30 - 2022-11-03 15:59 - 000003206 _____ C:\windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-03 15:30 - 2022-11-03 15:30 - 000000000 ___RD C:\Users\Default\OneDrive
2022-11-03 15:29 - 2022-11-03 16:09 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2022-11-03 15:27 - 2022-11-03 15:58 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-11-03 15:27 - 2022-11-03 15:58 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2022-11-02 17:51 - 2022-11-03 15:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-13 23:55 - 2022-10-13 23:55 - 000012253 _____ C:\windows\system32\DrtmAuthTxt.wim
2022-10-13 23:54 - 2022-10-13 23:54 - 002260480 _____ C:\windows\system32\TextInputMethodFormatter.dll
2022-10-13 23:54 - 2022-10-13 23:54 - 001333760 _____ C:\windows\SysWOW64\TextInputMethodFormatter.dll
2022-10-13 23:54 - 2022-10-13 23:54 - 000288768 _____ C:\windows\system32\Windows.Management.InprocObjects.dll
2022-10-13 23:54 - 2022-10-13 23:54 - 000060928 _____ C:\windows\system32\runexehelper.exe
2022-10-13 23:54 - 2022-10-13 23:54 - 000048640 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2022-10-13 23:54 - 2022-10-13 23:54 - 000039936 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2022-10-13 23:45 - 2022-10-13 23:45 - 000000000 ___HD C:\$WinREAgent
2022-10-13 16:59 - 2022-10-13 16:59 - 000039920 _____ (The OpenVPN Project) C:\windows\system32\Drivers\tap0901.sys
2022-10-13 16:59 - 2022-10-13 16:59 - 000038176 _____ (WireGuard LLC) C:\windows\system32\Drivers\wintun.sys
2022-10-13 16:59 - 2022-10-13 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2022-10-13 16:59 - 2022-10-13 16:59 - 000000000 ____D C:\Program Files\OpenVPN
2022-10-13 16:53 - 2022-10-13 16:53 - 000000000 ____D C:\Users\musil\OpenVPN
2022-10-13 12:18 - 2022-10-29 19:27 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-03 16:30 - 2020-10-10 16:45 - 001605786 _____ C:\windows\system32\PerfStringBackup.INI
2022-11-03 16:30 - 2020-07-14 05:36 - 000683544 _____ C:\windows\system32\perfh005.dat
2022-11-03 16:30 - 2020-07-14 05:36 - 000137268 _____ C:\windows\system32\perfc005.dat
2022-11-03 16:30 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF
2022-11-03 16:28 - 2021-10-09 19:13 - 000002250 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - musil
2022-11-03 16:28 - 2021-02-03 09:50 - 000000000 ____D C:\Users\musil\AppData\Local\CrashDumps
2022-11-03 16:28 - 2021-01-31 20:03 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2022-11-03 16:28 - 2021-01-31 20:03 - 000000000 ____D C:\Program Files\CCleaner
2022-11-03 16:25 - 2021-05-21 12:22 - 000000270 __RSH C:\ProgramData\ntuser.pol
2022-11-03 16:25 - 2021-05-09 10:51 - 000000000 ____D C:\Program Files\TeamViewer
2022-11-03 16:25 - 2020-07-14 04:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-03 16:25 - 2020-05-05 21:03 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-11-03 16:25 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState
2022-11-03 16:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-03 16:25 - 2019-12-07 10:03 - 000786432 _____ C:\windows\system32\config\BBI
2022-11-03 16:13 - 2021-02-03 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-03 16:13 - 2019-12-07 10:14 - 000000000 ___HD C:\windows\ELAMBKUP
2022-11-03 16:09 - 2021-01-31 19:55 - 000000000 ___RD C:\Users\musil\OneDrive
2022-11-03 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-11-03 16:01 - 2019-12-07 10:14 - 000000000 ___HD C:\windows\system32\GroupPolicy
2022-11-03 16:00 - 2021-02-03 12:25 - 000000000 ____D C:\Users\musil\AppData\Roaming\Opera Software
2022-11-03 15:40 - 2021-01-31 20:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-03 15:38 - 2021-08-31 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-03 15:38 - 2020-10-10 16:38 - 000000000 ____D C:\windows\system32\AMD
2022-11-03 15:27 - 2021-01-31 20:01 - 000000000 ____D C:\Program Files\Google
2022-11-03 15:23 - 2021-07-12 22:46 - 000000000 ____D C:\Users\musil\OneDrive\Dokumenty\Photos
2022-11-03 15:23 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness
2022-11-03 15:14 - 2021-08-31 15:30 - 000000000 ____D C:\Users\musil\AppData\LocalLow\Mozilla
2022-11-03 14:58 - 2022-08-27 15:23 - 000000000 ____D C:\Users\musil\Zotero
2022-11-03 14:53 - 2022-08-27 15:22 - 000001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zotero.lnk
2022-11-03 14:53 - 2022-08-27 15:22 - 000000000 ____D C:\Program Files (x86)\Zotero
2022-11-03 14:31 - 2020-05-05 21:03 - 000000000 ____D C:\windows\system32\SleepStudy
2022-11-02 23:33 - 2021-01-31 20:01 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-02 21:59 - 2021-12-12 21:24 - 000003584 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-949278216-457431651-1449700313-1001
2022-11-02 20:23 - 2021-11-04 13:30 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2022-11-02 20:23 - 2021-08-31 15:30 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-02 17:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-01 11:40 - 2020-05-05 21:03 - 000000000 ____D C:\windows\system32\Drivers\wd
2022-10-31 10:35 - 2021-01-31 19:54 - 000000000 ____D C:\Users\musil\AppData\Local\AMD
2022-10-31 10:33 - 2020-07-14 04:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-30 10:53 - 2020-10-10 16:52 - 000165565 _____ C:\windows\diagerr.xml
2022-10-30 10:53 - 2020-10-10 16:52 - 000160023 _____ C:\windows\diagwrn.xml
2022-10-29 22:11 - 2019-12-07 10:03 - 000032768 _____ C:\windows\system32\config\ELAM
2022-10-29 22:09 - 2021-06-05 19:37 - 000000000 ___HD C:\$WINDOWS.~BT
2022-10-29 22:05 - 2020-05-05 22:02 - 000000000 ____D C:\windows\Panther
2022-10-29 19:28 - 2021-02-09 19:52 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2022-10-28 16:58 - 2020-05-05 21:03 - 000571072 _____ C:\windows\system32\FNTCACHE.DAT
2022-10-28 16:57 - 2020-10-11 02:28 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\Dism
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\Dism
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\Provisioning
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\PolicyDefinitions
2022-10-28 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr
2022-10-15 06:58 - 2020-07-14 04:48 - 000003640 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 06:58 - 2020-07-14 04:48 - 000003516 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-14 00:00 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp
2022-10-13 23:59 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msclmd.dll
2022-10-13 23:59 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\windows\system32\msclmd.dll
2022-10-13 23:54 - 2020-05-05 21:05 - 003015168 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2022-10-13 23:43 - 2021-02-03 09:46 - 000000000 ____D C:\windows\system32\MRT
2022-10-13 23:41 - 2021-02-03 09:46 - 147398024 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-10-13 16:53 - 2021-01-31 19:47 - 000000000 ____D C:\Users\musil
==================== Files in the root of some directories ========
2022-11-03 16:06 - 2022-11-03 16:11 - 000000004 _____ () c:\ProgramData\lock.dat
2022-11-03 16:07 - 2022-11-03 16:11 - 000000004 _____ () c:\ProgramData\rc.dat
2022-09-05 14:30 - 2022-09-05 14:30 - 001106998 _____ (SQLite Development Team) c:\ProgramData\sqlite3.dll
2022-11-03 16:06 - 2022-11-03 16:06 - 000000008 _____ () c:\ProgramData\ts.dat
==================== FLock ==============================
2022-11-03 16:20 C:\ProgramData\IntelToolSkits
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition.txt.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02
Ran by musil (03-11-2022 16:35:15)
Running from C:\Users\musil\OneDrive\Plocha
Microsoft Windows 10 Pro Education Version 21H2 19044.2130 (X64) (2021-01-31 16:41:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-949278216-457431651-1449700313-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-949278216-457431651-1449700313-503 - Limited - Disabled)
Guest (S-1-5-21-949278216-457431651-1449700313-501 - Limited - Disabled)
musil (S-1-5-21-949278216-457431651-1449700313-1001 - Administrator - Enabled) => C:\Users\musil
WDAGUtilityAccount (S-1-5-21-949278216-457431651-1449700313-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.00 alpha (x64) (HKLM\...\7-Zip) (Version: 21.00 alpha - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3_1) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.126 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.05.08.216 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.102 - Advanced Micro Devices, Inc.) Hidden
AMD MicroPEP Driver (HKLM-x32\...\{C36029EB-19FF-4462-A283-03B41BE9EFA4}) (Version: 1.0.27.0 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 4.13.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.10.21.05 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{e36e248d-ed89-4b28-97d1-24d4ae1b647f}) (Version: 2.05.08.216 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.88 - Google LLC)
HP Client Security Manager (HKLM\...\{31251EAE-6479-43C8-8F69-37CD23E3C3C7}) (Version: 9.5.2.2896 - HP Inc.) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.5.2.2896 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{FDBB153D-8F11-4C93-BC0A-9BBF95B26427}) (Version: 1.1.23.1 - HP)
HP Security Update Service (HKLM\...\{F95ACB1A-6CB3-4360-BC16-A5E375B22720}) (Version: 4.3.0.1811 - HP Inc.)
HP Sure Recover (HKLM\...\{EBF9A3F5-C495-4A8D-91BF-7C23C67F72D0}) (Version: 2.4.2.1 - HP Inc.)
HP Sure Run (HKLM\...\{E84148C6-6E8D-40C5-832D-68EB369ACDE1}) (Version: 3.0.3.1 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{0B054492-401C-4028-AAC2-D44BAF5182C5}) (Version: 1.4.15.1 - HP Inc.) Hidden
KMS_VL_ALL_AIO (HKLM-x32\...\{21498B56-B51C-4EB6-8846-0A7A5A62C93F}) (Version: 1.0.0 - KMS_VL_ALL_AIO)
Malwarebytes version 4.5.16.217 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.16.217 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (HKLM-x32\...\{2757496A-3E74-320A-B007-36120A9F126D}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (HKLM-x32\...\{39E15475-23F2-345D-8977-B5DC47A94E26}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 106.0.2 (x64 cs)) (Version: 106.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
OpenVPN 2.5.7-I602 amd64 (HKLM\...\{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}) (Version: 2.5.036 - OpenVPN, Inc.)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.250 - Realtek Semiconductor Corp.)
SoftMaker FreeOffice 2018 (HKLM-x32\...\{02B0F09C-4910-4F32-BB8A-F22606E9E320}) (Version: 1.0.4910 - SoftMaker Software GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Zoom (HKU\S-1-5-21-949278216-457431651-1449700313-1001\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.)
Zotero (HKLM-x32\...\Zotero 6.0.16 (x86 en-US)) (Version: 6.0.16 - Corporation for Digital Scholarship)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-04-10] (Advanced Micro Devices Inc.) [Startup Task]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.36.273.0_x64__dt26b99r8h8gj [2022-08-10] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2022-08-15] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.3.0_x64__v10z8vjag6ke6 [2022-10-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.1.54.0_x64__v10z8vjag6ke6 [2022-10-24] (HP Inc.)
HP Programmable Key -> C:\Program Files\WindowsApps\AD2F1837.HPProgrammableKey_1.0.17.0_x64__v10z8vjag6ke6 [2022-08-15] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.29.0_x64__v10z8vjag6ke6 [2022-03-25] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-01] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-08-03] (Samsung Electronics Co. Ltd.)
Synaptics PointStick Settings Manager – Commercial -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPCommercialStykDApp_19006.1005.0.0_x64__807d65c4rvak2 [2020-10-10] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-949278216-457431651-1449700313-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\musil\AppData\Local\Microsoft\OneDrive\22.212.1009.0004\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-949278216-457431651-1449700313-1001_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => No File
CustomCLSID: HKU\S-1-5-21-949278216-457431651-1449700313-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\musil\AppData\Local\Microsoft\OneDrive\22.212.1009.0004\Microsoft.SharePoint.exe" => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-01-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-04-10 18:28 - 2022-04-10 18:28 - 000438784 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdlinkremoteserver.dll
2022-04-10 18:28 - 2022-04-10 18:28 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2022-04-10 18:28 - 2022-04-10 18:28 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000258560 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2020-04-11 00:27 - 2020-04-11 00:27 - 000382464 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2020-04-11 00:27 - 2020-04-11 00:27 - 000338432 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2020-04-11 00:27 - 2020-04-11 00:27 - 000456192 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2021-01-31 20:06 - 2021-01-19 16:00 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-04-10 18:28 - 2022-04-10 18:28 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\D3DCompiler_47.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Multimedia.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5MultimediaQuick.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtMultimedia\declarative_multimedia.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2022-04-10 18:28 - 2022-04-10 18:29 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-949278216-457431651-1449700313-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\musil\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\paul-gilmore-6HmilN41EDc-unsplash.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-949278216-457431651-1449700313-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3D088DC9-AB35-440E-9B76-C3D743E2313B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D037FDCD-CF98-4CB5-B500-91AD0F1BD9FD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A34A636E-D62C-4A3A-9E1E-6DF8D3800EE3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E9476A2D-40F0-41BA-B163-5F0D2645E28B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{250484C5-FFF1-4150-B82D-BE0923C7B7C8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{50417479-E0F0-498F-8596-3F38EC29168A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{786F6200-B377-446C-9F55-0BFD870F8BB2}] => (Allow) C:\Users\musil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D93146CF-B125-45F7-80EC-DE6B9122A1C7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
31-10-2022 19:13:44 Naplánovaný kontrolní bod
03-11-2022 15:30:34 Installed KMS_VL_ALL_AIO
03-11-2022 16:05:45 Removed KMS_VL_ALL_AIO
03-11-2022 16:06:00 Removed KMS_VL_ALL_AIO
03-11-2022 16:07:25 Removed Teams Machine-Wide Installer
03-11-2022 16:30:13 Removed KMS_VL_ALL_AIO
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/03/2022 04:30:29 PM) (Source: MsiInstaller) (EventID: 11721) (User: TEREZKA-MUSILOV)
Description: Product: KMS_VL_ALL_AIO -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: Active.exe, location: C:\Users\musil\AppData\Roaming\WindowsActiveServices\Active.exe, command:
Error: (11/03/2022 04:25:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (11/03/2022 04:25:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (11/03/2022 04:24:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: diskexplorer68.exe, verze: 2.4.1.68, časové razítko: 0x6363d424
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0001b9fc
ID chybujícího procesu: 0x378c
Čas spuštění chybující aplikace: 0x01d8ef94e73a3397
Cesta k chybující aplikaci: C:\Program Files (x86)\Disk Tools\diskexplorer68.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 8fa4b0c3-d854-4034-8a8f-d21db19a6953
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2022 04:22:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: diskexplorer68.exe, verze: 2.4.1.68, časové razítko: 0x6363d424
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0001b9fc
ID chybujícího procesu: 0x378c
Čas spuštění chybující aplikace: 0x01d8ef94e73a3397
Cesta k chybující aplikaci: C:\Program Files (x86)\Disk Tools\diskexplorer68.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d5fb4c6e-63b1-4069-9368-70e64a1e2f5f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2022 04:20:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: diskexplorer68.exe, verze: 2.4.1.68, časové razítko: 0x6363d424
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0001b9fc
ID chybujícího procesu: 0x378c
Čas spuštění chybující aplikace: 0x01d8ef94e73a3397
Cesta k chybující aplikaci: C:\Program Files (x86)\Disk Tools\diskexplorer68.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6c71eae3-a918-4885-a6d3-e444dd9a1753
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2022 04:18:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: diskexplorer68.exe, verze: 2.4.1.68, časové razítko: 0x6363d424
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0001b9fc
ID chybujícího procesu: 0x378c
Čas spuštění chybující aplikace: 0x01d8ef94e73a3397
Cesta k chybující aplikaci: C:\Program Files (x86)\Disk Tools\diskexplorer68.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: d3c6f72c-4b6f-40ab-abdb-8ac67d9f2385
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/03/2022 04:17:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: diskexplorer68.exe, verze: 2.4.1.68, časové razítko: 0x6363d424
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0001b9fc
ID chybujícího procesu: 0x378c
Čas spuštění chybující aplikace: 0x01d8ef94e73a3397
Cesta k chybující aplikaci: C:\Program Files (x86)\Disk Tools\diskexplorer68.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e9d60dc1-6a0a-4e14-8587-8fa271c56644
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/03/2022 04:25:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\system32\IntelIHVRouter10.dll
Error: (11/03/2022 04:25:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\system32\IntelIHVRouter10.dll
Error: (11/03/2022 04:25:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\system32\IntelIHVRouter10.dll
Error: (11/03/2022 04:12:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (11/03/2022 04:12:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba DigitalPersona Authentication Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/03/2022 04:12:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Hotkey UWP Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (11/03/2022 04:12:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (11/03/2022 04:12:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2022-11-03 16:17:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Redline.RE!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\musil\AppData\LocalLow\IGDump\ljqealzgkqtagtnoxzgkdmautibxyecc\iyjalfiahcjqiazsbqxusqxpjicwqnnv.ext
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: TEREZKA-MUSILOV\musil
Název procesu: C:\Users\musil\AppData\LocalLow\IGDump\ljqealzgkqtagtnoxzgkdmautibxyecc\ig.exe
Verze bezpečnostních informací: AV: 1.377.1221.0, AS: 1.377.1221.0, NIS: 1.377.1221.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-11-03 15:39:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\musil\AppData\Roaming\WindowsActiveServices\Active.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: TEREZKA-MUSILOV\musil
Název procesu: C:\Windows\System32\msiexec.exe
Verze bezpečnostních informací: AV: 1.377.1221.0, AS: 1.377.1221.0, NIS: 1.377.1221.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-11-03 15:39:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\musil\AppData\Roaming\WindowsActiveServices\Active.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: TEREZKA-MUSILOV\musil
Název procesu: C:\Windows\System32\msiexec.exe
Verze bezpečnostních informací: AV: 1.377.1221.0, AS: 1.377.1221.0, NIS: 1.377.1221.0
Verze modulu: AM: 1.1.19700.3, NIS: 1.1.19700.3
Date: 2022-10-31 18:30:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {81C935BA-DD28-46B7-8E73-B8510BACB0DA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-29 20:24:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {92BC33CD-D609-4804-A56C-66F0F834225F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-11-03 16:14:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-10-09 20:07:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Windows\apppatch\AppPatch64\BrShim_4_3_2_1329.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: HP S77 Ver. 01.10.00 07/15/2022
Motherboard: HP 8760
Processor: AMD Ryzen 5 PRO 4650U with Radeon Graphics
Percentage of memory in use: 60%
Total physical RAM: 7505.32 MB
Available physical RAM: 2969.22 MB
Total Virtual: 12625.32 MB
Available Virtual: 6638.46 MB
==================== Drives ================================
Drive c: (Windows ) (Fixed) (Total:237.51 GB) (Free:109.09 GB) (Model: SAMSUNG MZVLQ256HAJD-000H1) (Protected) NTFS
\\?\Volume{c06988f4-eafe-42b4-b551-719c7a1c81d7}\ (Windows RE Tools) (Fixed) (Total:0.69 GB) (Free:0.11 GB) NTFS
\\?\Volume{fbea281d-a4d7-4d53-bd17-ad08d96a48fe}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 1E1F4777)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola logu
Ahoj,
mas tam vsetko co potrebujes Adwcleaner, Mbam, Kvrt, Ccleaner
Ak si tieto nastroje pouzil po odinstalovani cracku, tak je to OK
Pozn. Ccleaner hlavne registre musia byt ciste
mas tam vsetko co potrebujes Adwcleaner, Mbam, Kvrt, Ccleaner
Ak si tieto nastroje pouzil po odinstalovani cracku, tak je to OK
Pozn. Ccleaner hlavne registre musia byt ciste
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Preventivní kontrola logu
Ok, díky!
Re: Preventivní kontrola logu
Za malo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/