Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
slidercz
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2014 19:19

Prosím o kontrolu logu

#1 Příspěvek od slidercz »

Zdravím dostal se mi do rukou NB a posledních pár týdnů došlo v něm k celkem velkému zpomalení.
Uživatel není jistý jestli se to projevilo po nějaké instalaci nějakého programu, snad něco vypadne z logu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-04-2023
Ran by Lukáš Botur (administrator) on LAPTOP-5QLDSND1 (HP HP Pavilion Gaming Laptop 15-ec0xxx) (25-04-2023 18:16:43)
Running from C:\Users\Lukáš Botur\Desktop\FRST64.exe
Loaded Profiles: Lukáš Botur
Platform: Microsoft Windows 11 Home Version 21H2 22000.1574 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe <12>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe <6>
(Discord Inc. -> Discord Inc.) C:\ProgramData\Lukáš Botur\Discord\app-1.0.9012\Discord.exe <6>
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f23fc423d26e5d79\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f23fc423d26e5d79\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\BridgeCommunication.exe <3>
(DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atieclxx.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe\Microsoft.RemoteAssistance.QuickAssist\QuickAssist.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Famatech Corp. -> Famatech Corp.) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f23fc423d26e5d79\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e711c85c03558fc4\x64\OmenCap\OmenCap.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_178c927f3d4607c8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> ) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.5878.0_x64__8wekyb3d8bbwe\PAD.Console.Host.exe
(sihost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe <5>
(svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> ) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\ad2f1837.hpjumpstarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.1811_none_82553daeff1d29a6\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2131984 2022-10-18] (Famatech Corp. -> Famatech Corp.)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\Installer\setup.exe [4007888 2023-04-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [536152 2022-08-15] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (No File)
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Run: [Discord] => C:\ProgramData\Lukáš Botur\Discord\Update.exe [1522176 2022-06-08] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Lukáš Botur\AppData\Local\Microsoft\Teams\Update.exe [2587368 2023-04-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2023-04-25]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-24] () [File not signed] <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {099740BE-3171-4236-B924-440DB670F75E} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {4617F6E5-C14D-48AE-882E-FD77E2A6EADC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {493A617C-A6B9-461E-8118-A14160552CDA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49FE205F-307E-41FF-BDC6-057058A02DC4} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-638729200-3266139460-2610184524-500 => C:\Users\Lukáš Botur\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5C44B166-5585-4794-B545-3E8E1145F794} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {631BC59A-8287-49A8-8BDE-B5D65661588B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B8E9E78-7AF0-4340-BA6F-57FC9EEAD827} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CA1A5C9-9121-43EF-9065-0B8BEC67D8CF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7ED79E6A-06E4-48D3-BE88-85A35F3A8458} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {847D6FBF-1EA4-4F12-9C21-6DE595B3FDAD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {875FE6B5-9730-4D2D-91E3-74FEEC4B558F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60088 2019-08-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8BD0D06D-1401-41B0-A285-9064C21FDF87} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9CDB8C0B-3BA8-46C4-8359-0EC614ED0B34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A4ED597D-1134-4120-93CA-D4D620F35955} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0A5CEEC-898C-441D-84BE-5967F483194F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B20DC49E-C0CA-4ECA-B857-DD12DF1983D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {BFB1D7B0-B6BC-4850-BBCC-68B98180ADDD} - System32\Tasks\Opera scheduled assistant Autoupdate 1634229318 => C:\Users\Lukáš Botur\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Lukáš Botur\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C00D7065-0BBC-4C6A-9F3C-E05C665E6C6B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D36738AF-A4A1-44AE-9521-21E5F0EC45DA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9CFCAA1-658D-40F4-940B-965B1DABD3F6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE945749-B9C8-4D0D-9ED6-2CC975C6EB0E} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {DFE60965-FC94-4944-84EF-9B818DF4950E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E551AF4A-8415-4826-BD41-CAAE4C49621B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {FC0A88C0-032D-4E05-829A-BAA1ED625865} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {FFFD28D7-0207-4A6F-AEB5-FA64D62D8A74} - System32\Tasks\Opera scheduled Autoupdate 1634229314 => C:\Users\Lukáš Botur\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{56bf6dde-f136-4058-975c-123639afeb3c}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lukáš Botur\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-25]
Edge Extension: (Edge relevant text changes) - C:\Users\Lukáš Botur\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]
Edge HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [kagpabjoboikccfdghpdlaaopmgpgfdc]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ljglajjnnkapghbckkcmodicjhacbfhk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0255411682438974mcinstcleanup; C:\ProgramData\McInstTemp0255411682438974\McInst.exe [872896 2021-09-29] (McAfee, LLC -> McAfee, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\GamingServices.exe [75256 2023-04-17] (Microsoft Corporation -> )
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [75256 2023-04-17] (Microsoft Corporation -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\AppHelperCap.exe [858064 2023-02-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\DiagsCap.exe [857032 2023-02-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\NetworkCap.exe [853920 2023-02-28] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_e711c85c03558fc4\x64\OmenCap\OmenCap.exe [775136 2022-11-04] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_d04f01dd16ecf753\x64\SysInfoCap.exe [857032 2023-02-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f23fc423d26e5d79\x64\TouchpointAnalyticsClientService.exe [493712 2022-12-19] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-25] (Malwarebytes Inc. -> Malwarebytes)
R2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1069584 2022-10-18] (Famatech Corp. -> Famatech Corp.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S3 mfevtp; no ImagePath
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_178c927f3d4607c8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_178c927f3d4607c8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-22] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2022-10-18] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2019-05-03] (HP Inc. -> HP Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [232072 2023-04-25] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [58288 2022-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; no ImagePath
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 18:16 - 2023-04-25 18:18 - 000025786 _____ C:\Users\Lukáš Botur\Desktop\FRST.txt
2023-04-25 18:15 - 2023-04-25 18:14 - 002382336 _____ (Farbar) C:\Users\Lukáš Botur\Desktop\FRST64.exe
2023-04-25 18:14 - 2023-04-25 18:17 - 000000000 ____D C:\FRST
2023-04-25 18:14 - 2023-04-25 18:14 - 002382336 _____ (Farbar) C:\Users\Lukáš Botur\Downloads\FRST64.exe
2023-04-25 18:09 - 2023-04-25 18:09 - 000000000 ____D C:\ProgramData\McInstTemp0255411682438974
2023-04-25 17:58 - 2023-04-25 17:58 - 000232072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-04-25 17:57 - 2023-04-25 17:57 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\mbam
2023-04-25 17:56 - 2023-04-25 17:57 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\Malwarebytes
2023-04-25 17:56 - 2023-04-25 17:56 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-25 17:56 - 2023-04-25 17:56 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-25 17:54 - 2023-04-25 17:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-25 17:54 - 2023-04-25 17:54 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-25 17:53 - 2023-04-25 17:53 - 002649088 _____ (Malwarebytes) C:\Users\Lukáš Botur\Downloads\MBSetup.exe
2023-04-25 17:43 - 2023-04-25 17:43 - 000000000 ___HD C:\$WinREAgent
2023-04-22 04:55 - 2023-04-22 04:55 - 1548739558 _____ C:\WINDOWS\MEMORY.DMP
2023-04-22 04:55 - 2023-04-22 04:55 - 001871580 _____ C:\WINDOWS\Minidump\042223-13203-01.dmp
2023-04-22 04:55 - 2023-04-22 04:55 - 000000000 ____D C:\WINDOWS\Minidump
2023-04-21 03:45 - 2023-04-21 16:17 - 000000000 ___HD C:\$WINDOWS.~BT
2023-03-27 10:56 - 2023-03-27 10:56 - 000000017 _____ C:\Users\Lukáš Botur\AppData\Local\resmon.resmoncfg
2023-03-26 17:13 - 2023-03-26 17:13 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-26 17:13 - 2023-03-26 17:13 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 18:11 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-25 18:11 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2023-04-25 18:11 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-04-25 18:10 - 2022-12-09 16:14 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-25 18:10 - 2020-08-23 02:04 - 000000000 ____D C:\ProgramData\McAfee
2023-04-25 18:09 - 2021-11-11 19:32 - 000000000 ____D C:\Users\LukáGLCache
2023-04-25 18:09 - 2021-11-11 19:32 - 000000000 ____D C:\Users\Luká
2023-04-25 18:09 - 2020-08-23 02:04 - 000000000 ____D C:\Program Files\Common Files\McAfee
2023-04-25 18:02 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-25 17:58 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-25 17:57 - 2022-06-16 16:28 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\D3DSCache
2023-04-25 17:47 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-25 17:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-25 17:46 - 2021-08-21 15:18 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-25 17:46 - 2021-08-21 15:18 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-25 17:46 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-25 17:45 - 2022-10-18 13:53 - 000004224 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6EAAF5FF-2D45-4BF6-9EC0-79A81F6D0E69}
2023-04-25 17:44 - 2021-08-21 15:18 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-25 17:40 - 2022-10-21 14:03 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Roaming\Microsoft\Teams
2023-04-25 17:39 - 2022-10-18 13:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-04-25 17:39 - 2022-06-29 18:33 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Roaming\discord
2023-04-25 17:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-24 04:58 - 2022-10-18 13:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-23 03:37 - 2022-10-18 11:39 - 000000000 ____D C:\Users\Lukáš Botur
2023-04-22 04:59 - 2022-10-18 13:46 - 001823322 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-22 04:59 - 2021-06-05 19:20 - 000754734 _____ C:\WINDOWS\system32\perfh005.dat
2023-04-22 04:59 - 2021-06-05 19:20 - 000166072 _____ C:\WINDOWS\system32\perfc005.dat
2023-04-22 04:55 - 2022-10-18 13:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-22 04:55 - 2021-08-21 15:18 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-21 16:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-21 05:17 - 2021-08-23 18:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-21 03:52 - 2022-12-09 13:48 - 000000000 ____D C:\WINDOWS\Panther
2023-04-20 19:13 - 2021-08-23 18:14 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-20 19:11 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-18 17:18 - 2022-10-24 12:54 - 000000000 ____D C:\Users\Lukáš Botur\Documents\PPSSPP
2023-04-18 17:09 - 2022-10-18 13:52 - 000080013 _____ C:\WINDOWS\diagwrn.xml
2023-04-18 17:09 - 2022-10-18 13:52 - 000080013 _____ C:\WINDOWS\diagerr.xml
2023-04-18 16:58 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-04-18 16:55 - 2021-09-06 18:39 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\CrashDumps
2023-04-18 16:49 - 2021-08-21 15:59 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\PlaceholderTileLogoFolder
2023-04-18 16:49 - 2021-08-21 15:57 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Local\Packages
2023-04-17 17:33 - 2021-08-21 15:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-17 17:24 - 2022-11-22 10:15 - 002790904 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000484856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-04-17 17:24 - 2022-11-22 10:15 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-04-17 17:24 - 2022-11-22 10:15 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-04-17 17:22 - 2020-08-23 02:04 - 000000000 ____D C:\Program Files (x86)\McAfee
2023-04-17 13:21 - 2019-12-03 02:21 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-17 13:15 - 2022-10-21 14:04 - 000002439 _____ C:\Users\Lukáš Botur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2023-04-17 12:58 - 2022-11-11 16:17 - 000001438 _____ C:\Users\Lukáš Botur\Desktop\Roblox Player.lnk
2023-04-17 12:58 - 2022-11-11 16:16 - 000001261 _____ C:\Users\Lukáš Botur\Desktop\Roblox Studio.lnk
2023-04-17 12:58 - 2022-11-11 16:16 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-04-17 12:48 - 2022-10-18 13:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-17 12:48 - 2022-10-18 13:53 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-29 10:05 - 2022-10-24 13:36 - 000000000 ____D C:\Users\Lukáš Botur\Counter-Strike 1.6
2023-03-27 10:47 - 2022-10-18 13:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2023-03-27 10:21 - 2021-09-24 19:18 - 000000000 ____D C:\Users\Lukáš Botur\AppData\Roaming\Microsoft\Word

==================== Files in the root of some directories ========

2022-06-27 19:23 - 2022-06-28 18:35 - 000000016 _____ () C:\Users\Lukáš Botur\AppData\Roaming\obs-virtualcam.txt
2022-03-31 18:37 - 2022-06-07 18:44 - 000458890 _____ () C:\Users\Lukáš Botur\AppData\Roaming\VideoPad.dmp
2023-03-27 10:56 - 2023-03-27 10:56 - 000000017 _____ () C:\Users\Lukáš Botur\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-04-2023
Ran by Lukáš Botur (25-04-2023 18:19:20)
Running from C:\Users\Lukáš Botur\Desktop
Microsoft Windows 11 Home Version 21H2 22000.1574 (X64) (2022-10-18 11:54:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4073583191-3554750098-3520840650-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4073583191-3554750098-3520840650-503 - Limited - Disabled)
Guest (S-1-5-21-4073583191-3554750098-3520840650-501 - Limited - Disabled)
Lukáš Botur (S-1-5-21-4073583191-3554750098-3520840650-1002 - Administrator - Enabled) => C:\Users\Lukáš Botur
WDAGUtilityAccount (S-1-5-21-4073583191-3554750098-3520840650-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2019.0807.2241.40847 - Advanced Micro Devices, Inc.)
AMD Ryzen Master SDK Alpha (HKLM\...\{716F53C3-0B3F-4FB7-9AD7-9BC7DB7134A1}) (Version: 1.3.0.0533 - Advanced Micro Devices, Inc.)
Audacity 3.2.1 (HKLM\...\Audacity_is1) (Version: 3.2.1 - Audacity Team)
blender (HKLM\...\{A72A2DF9-8505-48E0-8CBA-49252FBF4600}) (Version: 3.2.1 - Blender Foundation)
Counter-Strike 1.6 (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Counter-Strike 1.6) (Version: - )
Discord (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Discord) (Version: 1.0.9005 - Discord Inc.)
Dragon UnPACKer 5 (HKLM-x32\...\DragonUnPACKer5_is1) (Version: 5.7.0 Beta - Alexandre Devilliers (aka Elbereth))
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
LEGO® Batman™ DEMO (HKLM-x32\...\InstallShield_{0B9F8BEE-59F2-43D5-A890-65F649D887A2}) (Version: 1.00.0000 - Warner Bros. Interactive Entertainment)
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)
Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\Teams) (Version: 1.6.00.6754 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{843E8BAC-637E-4354-94D7-73D910E2168F}) (Version: 4.71.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 526.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 526.56 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20394 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11929.20394 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
paint.net (HKLM\...\{DBC43589-CC32-4502-BBEC-5B931AF4BD2E}) (Version: 5.0.2 - dotPDN LLC)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 9.46 - NCH Software)
PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.13.2.0 - PPSSPP Team)
Radmin VPN 1.3.3 (HKLM-x32\...\{45781F86-380A-43AF-B82F-9093D4EC1047}) (Version: 1.3.4568.3 - Famatech)
Rayman Arena The Definitive Edition Online (HKLM-x32\...\{7D1F742E-99DE-46EE-98AF-BAEAD9861FFF}) (Version: 2.052 - Ubisoft) Hidden
Rayman Arena The Definitive Edition Online (HKLM-x32\...\Rayman Arena The Definitive Edition Online 2.052) (Version: 2.052 - Ubisoft)
Roblox Player for Lukáš Botur (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Lukáš Botur (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\roblox-studio) (Version: - Roblox Corporation)
Santa Claus in Trouble (HKLM-x32\...\Santa Claus in Trouble) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Smash Flash 2 Beta (HKLM-x32\...\{7603695C-A9FF-48D5-BE83-CD07DB80E957}_is1) (Version: 1.3.1.2 - McLeodGaming Inc.)
TeamSpeak 3 Client (HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 16.91 - NCH Software)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
XMLBCUI (HKLM-x32\...\XMLBCUI) (Version: - )

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2023-02-10] (Amazon.com)
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.7.195.0_x64__v10z8vjag6ke6 [2023-04-17] (HP Inc.)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.49.3.0_x64__6rarf9sa4v8jt [2023-04-18] (Disney)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-10] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96 [2023-03-11] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2023-04-17] (HP Inc.)
HP CoolSense -> C:\Program Files\WindowsApps\ad2f1837.hpcoolsense_1.0.6.0_x64__v10z8vjag6ke6 [2023-02-10] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6 [2023-03-13] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.1.0.0_x64__v10z8vjag6ke6 [2023-02-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.2.74.0_x64__v10z8vjag6ke6 [2023-04-17] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-11] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-04-17] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.3.2.0_x64__v10z8vjag6ke6 [2023-02-10] (HP Inc.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-03-11] (McAfee LLC.)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-26] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-11] (NVIDIA Corp.)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.5878.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2023-04-17] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0 [2023-04-17] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4073583191-3554750098-3520840650-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Lukáš Botur\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23061.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4073583191-3554750098-3520840650-1002_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\Lukáš Botur\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll (Microsoft Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_178c927f3d4607c8\nvshext.dll [2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-09 16:16 - 2022-11-07 12:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-12-09 16:16 - 2022-11-07 12:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 13:03 - 2019-01-08 13:03 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2023-03-11 19:30 - 2023-03-11 19:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\7c0462f0e7adc64124e14e8b45d14958\Interop.IWshRuntimeLibrary.ni.dll
2023-03-11 19:29 - 2023-03-11 19:29 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\0045abb09b8ceb4d8eeb9481014cba82\Hardcodet.Wpf.TaskbarNotification.ni.dll
2023-03-11 19:30 - 2023-03-11 19:30 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\34490771b6a233f228710bbe979de45b\NAudio.ni.dll
2023-03-11 19:29 - 2023-03-11 19:29 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\579eb7e151317089a61d6c22e33e797c\Newtonsoft.Json.ni.dll
2023-03-11 19:29 - 2023-03-11 19:29 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\416d3c3071fed194df6f95173f7db30b\log4net.ni.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-07 22:39 - 2019-08-07 22:39 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 13:03 - 2019-01-08 13:03 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Lukáš Botur\Desktop\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\Lukáš Botur\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2022-03-22 05:31:37&iid=d93e7395-f8f6-4786-9655-453419f419f2&bName=
SearchScopes: HKLM -> {B65FF17C-B648-4501-A58A-2E2075516D2F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {B65FF17C-B648-4501-A58A-2E2075516D2F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-4073583191-3554750098-3520840650-1002 -> {B65FF17C-B648-4501-A58A-2E2075516D2F} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-01-10] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-01-10] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-17] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukáš Botur\Downloads\marvel-wallpaper-hd.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Radmin VPN: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4073583191-3554750098-3520840650-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C6B7CCDA677ECBAD0E76550B0401620A"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{47F1F495-F2C8-425D-852F-95EA8F9B89BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{84946910-CD6E-4204-9229-F302D16E5C14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{31CD852D-5735-432F-B681-DD8F6B69D2C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{7B9C8E68-4E85-4895-8228-80C5BF8841D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [UDP Query User{25176159-9924-43ED-B42A-697AA1765E07}C:\programdata\lukáš botur\discord\app-1.0.9006\discord.exe] => (Block) C:\programdata\lukáš botur\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [TCP Query User{979119C8-323F-4271-A6D3-C1E8DD1BC2BA}C:\programdata\lukáš botur\discord\app-1.0.9006\discord.exe] => (Block) C:\programdata\lukáš botur\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{C724F105-7F60-4604-8057-B926602E66F5}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [TCP Query User{26A0E475-C03C-4C0A-BE7D-9D59E2E0857C}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{45DBFCA6-7653-4DD9-B070-B74DBAF8D54B}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [TCP Query User{7EB20860-EE59-413F-8294-62AE42F210AA}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Block) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe => No File
FirewallRules: [UDP Query User{BF0991D6-F450-4686-81B2-0FC14641C1D6}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [TCP Query User{24661F20-E2EF-4C27-A255-6A58D22A0FEB}C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe] => (Block) C:\program files (x86)\gog galaxy\games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{F034352C-C2FB-4CD6-931C-B956F99D65D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C44160C-DBF5-46F9-B01E-1940C5F30B58}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{342B6439-5768-4425-8C8D-62191594791D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBF94358-01E9-4AD0-BF8C-A6BAE678B008}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABF32917-2007-468B-B08F-887DB709BD3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{391D1A98-BE17-4DA5-A842-AF2C57D1D4E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{83E3DB46-ED3C-46A0-8021-940625C80EFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{47AE67E2-48CF-4787-8D56-1640048CA02D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{08C0E333-D051-4269-85D8-556C16C77867}C:\users\lukáš botur\appdata\local\temp\rar$exa12500.10190\rayman arena\r_arena_21_9.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa12500.10190\rayman arena\r_arena_21_9.exe => No File
FirewallRules: [TCP Query User{E9358A7F-928E-4DB8-83CA-BE340328E710}C:\users\lukáš botur\appdata\local\temp\rar$exa12500.10190\rayman arena\r_arena_21_9.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa12500.10190\rayman arena\r_arena_21_9.exe => No File
FirewallRules: [UDP Query User{11A40E61-3E1F-4EE9-86A0-C21A43DB0E37}C:\users\lukáš botur\appdata\local\temp\rar$exa12500.35052\rayman arena\r_arena.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa12500.35052\rayman arena\r_arena.exe => No File
FirewallRules: [TCP Query User{224A7BD1-9BBD-4CD6-A4D7-23CFCB6B69D8}C:\users\lukáš botur\appdata\local\temp\rar$exa12500.35052\rayman arena\r_arena.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa12500.35052\rayman arena\r_arena.exe => No File
FirewallRules: [UDP Query User{079B436C-C742-4838-84E2-0499CFE46CB9}C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\sd\r_arena.exe] => (Block) C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\sd\r_arena.exe () [File not signed]
FirewallRules: [TCP Query User{B987B1F6-C4E7-4BB6-A4BC-60E203B9BF55}C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\sd\r_arena.exe] => (Block) C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\sd\r_arena.exe () [File not signed]
FirewallRules: [UDP Query User{97BCE61E-D387-4AB8-8BC1-85D5692979FA}C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\hd\r_arena.exe] => (Block) C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\hd\r_arena.exe () [File not signed]
FirewallRules: [TCP Query User{BB61525D-73E0-4930-A5A5-9FF4A13596E6}C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\hd\r_arena.exe] => (Block) C:\program files (x86)\ubisoft\rayman arena the definitive edition online\game\hd\r_arena.exe () [File not signed]
FirewallRules: [{3391E28C-FC00-445C-9705-81F4E1E210B3}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D41D0ADD-09FB-4FAC-B4BA-B234092D7DC0}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{FB78C2FD-837A-4925-BB94-F7F267F85801}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{B3505644-3029-4670-B462-DE816EBC5A8F}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{64F811DE-0BC7-4B41-A74F-29C5963E33C2}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{498EB3A0-CC91-4523-B32A-C5DE44EE62CF}] => (Allow) C:\Users\Lukáš Botur\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [UDP Query User{2F147AC1-E513-43F8-8E71-ABACAF6DBB8A}C:\program files (x86)\corepack\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\corepack\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe => No File
FirewallRules: [TCP Query User{68F6D587-99EA-47C6-AA06-2E958148EAB1}C:\program files (x86)\corepack\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) C:\program files (x86)\corepack\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe => No File
FirewallRules: [UDP Query User{A129F162-DDA4-4E83-85CE-2EFB300A02F3}C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{202641E2-13FB-4944-A4A4-41ACAB6F1230}C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{1E3E1B92-311B-4A13-9A72-FEB93FC991DF}C:\users\lukáš botur\pictures\camera roll\crash bandicoot serié\crash bandicoot ps1,ps2,psp,gba games\binaries\nodeserver.exe] => (Block) C:\users\lukáš botur\pictures\camera roll\crash bandicoot serié\crash bandicoot ps1,ps2,psp,gba games\binaries\nodeserver.exe => No File
FirewallRules: [TCP Query User{326C8CC3-A3EB-4148-92E9-8B9AF5DBA53D}C:\users\lukáš botur\pictures\camera roll\crash bandicoot serié\crash bandicoot ps1,ps2,psp,gba games\binaries\nodeserver.exe] => (Block) C:\users\lukáš botur\pictures\camera roll\crash bandicoot serié\crash bandicoot ps1,ps2,psp,gba games\binaries\nodeserver.exe => No File
FirewallRules: [UDP Query User{3EC9127F-6286-4E18-B9D1-D52673DFCA0F}C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{1A37A13D-2338-4185-A74B-020AF1DB3049}C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{55C5EE01-0CB2-4FFC-9B0B-DFF0A6D6CA40}C:\users\lukáš botur\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{8768F781-768F-4B83-8AFF-E823A9561CD7}C:\users\lukáš botur\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\lukáš botur\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{A7B79216-6585-4E62-A684-9AE8D43ED4EB}C:\users\lukáš botur\documents\ryujinx\ryujinx.exe] => (Block) C:\users\lukáš botur\documents\ryujinx\ryujinx.exe => No File
FirewallRules: [TCP Query User{EEDCB58F-BBD1-4DAB-BB05-0BDF534EFD93}C:\users\lukáš botur\documents\ryujinx\ryujinx.exe] => (Block) C:\users\lukáš botur\documents\ryujinx\ryujinx.exe => No File
FirewallRules: [{D5907747-AD4A-4C89-BD0B-0A7D398499FA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ACB5484B-1E7A-41CB-9660-9294D6494BD9}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{00AA2CC6-D843-43FC-8A71-AAC9D4D611F1}] => (Allow) C:\Users\Lukáš Botur\AppData\Local\Programs\Opera\80.0.4170.40\opera.exe => No File
FirewallRules: [{75A9D824-3D6B-4885-ACB3-DDA2AFF20F2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD3119C1-AFAE-449C-AE29-BFD0A319A6F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C62B112F-B117-4445-B3E7-7C27404695DE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [TCP Query User{06E870F2-48E5-4B44-82DA-BFBA0E9541BF}C:\users\lukáš botur\counter-strike 1.6\hl.exe] => (Block) C:\users\lukáš botur\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BA2E9E57-F5D9-41FB-9B23-8BB637AB02D6}C:\users\lukáš botur\counter-strike 1.6\hl.exe] => (Block) C:\users\lukáš botur\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{A4E5DFE7-D422-442F-B885-454C63140111}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe => No File
FirewallRules: [{158740C6-A2FF-4BF8-9A42-BD7A8505A1A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe => No File
FirewallRules: [{D9E36B52-104B-47A2-96C2-2F895C1B9B6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe => No File
FirewallRules: [{90FD0391-E0BA-4202-A083-66A82508D238}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe => No File
FirewallRules: [{425172ED-EDA5-4AB7-BF8D-781F55F236A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe => No File
FirewallRules: [{C8421B9E-813D-45E1-BD6D-03B54663EED1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe => No File
FirewallRules: [{499DAE9E-C36D-4C15-AB64-825F10BD5F85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe => No File
FirewallRules: [{DEB55A25-CBF0-4846-888A-7965BD425A06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe => No File
FirewallRules: [{6EB29B80-0029-4D81-866E-1B196F638CCD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe => No File
FirewallRules: [{DD9D0945-80B7-4ED5-B0D4-F37746AD5981}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe => No File
FirewallRules: [{C9A99B0A-CBCA-4268-B152-F34618B2B003}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{1C10BB4C-86F5-429C-98B8-73532B0CAE16}C:\users\lukáš botur\appdata\local\roblox\versions\version-414f30f9e7d44304\robloxstudiobeta.exe] => (Block) C:\users\lukáš botur\appdata\local\roblox\versions\version-414f30f9e7d44304\robloxstudiobeta.exe (Roblox Corporation -> Roblox Corporation)
FirewallRules: [UDP Query User{A756E8D7-1534-473C-8F0A-03108FFF3A41}C:\users\lukáš botur\appdata\local\roblox\versions\version-414f30f9e7d44304\robloxstudiobeta.exe] => (Block) C:\users\lukáš botur\appdata\local\roblox\versions\version-414f30f9e7d44304\robloxstudiobeta.exe (Roblox Corporation -> Roblox Corporation)
FirewallRules: [TCP Query User{C4AB3B21-58E7-402C-A03E-64B897EE55C4}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File
FirewallRules: [UDP Query User{5E4185B6-903C-489F-9CD5-052523042AB2}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File
FirewallRules: [{3BB86E73-FC5A-42EE-8270-35F382301361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{13403022-014A-4610-AF0B-047178686DAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{99830835-D069-4FD0-B3BF-7F4C4A24E04C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{D88DF53A-FE47-4FCF-B726-DB66B0B6DABF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{B6C533A9-2DCE-4CA9-BC16-A9E80E8CB1C9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{CE9F9E3C-3E45-43AE-9494-146921242445}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{803F925E-C9A2-47D6-9E53-85A7295DB109}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{0AE67226-6F31-442D-B915-23EB0F76E786}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [TCP Query User{81F08922-13F6-4B36-9F80-DEDE4E99AC53}C:\users\lukáš botur\appdata\local\temp\rar$exa16132.23861\windowsnoeditor\finalnights2\binaries\win64\finalnights2.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa16132.23861\windowsnoeditor\finalnights2\binaries\win64\finalnights2.exe => No File
FirewallRules: [UDP Query User{637F5EEF-2C49-4BFE-984A-D0CD5C5EDFE8}C:\users\lukáš botur\appdata\local\temp\rar$exa16132.23861\windowsnoeditor\finalnights2\binaries\win64\finalnights2.exe] => (Block) C:\users\lukáš botur\appdata\local\temp\rar$exa16132.23861\windowsnoeditor\finalnights2\binaries\win64\finalnights2.exe => No File
FirewallRules: [{97525A94-2541-4204-8212-E65A9D80F491}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{92CC0E1D-B8B8-4F17-927D-F97FB4C73948}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{6DB73ADD-6E2E-404F-915A-FA4C057111C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{2D6035FE-EED4-4866-8125-74DB39618CE8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{01DBC090-3A8D-48E5-9B94-058DCC1B2556}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{0C91A644-FA48-4FC6-B1EE-6EACA71946E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{93500BA5-A312-4A64-BB53-6B2C3E7C6673}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{2BA16EB6-F5D1-4FAE-A6F4-665F7B5182F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{2F790046-C019-46B5-B80D-10913BA4BFD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6C5C14AC-5FE2-4963-AFB2-BF5F7D0E02F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.207.1277.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6E6161A7-C92B-41C2-A224-2579D9C20210}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{518B470A-765C-4A8E-9BB3-2877A4C8922C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-04-2023 06:37:29 Naplánovaný kontrolní bod
25-04-2023 17:43:59 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/25/2023 05:47:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecurityHealthService.exe, verze: 10.0.22000.1042, časové razítko: 0x9618ea7b
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22000.1, časové razítko: 0x00e78ce9
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007dd7e
ID chybujícího procesu: 0x2cf4
Čas spuštění chybující aplikace: 0x01d9778d4c94cd18
Cesta k chybující aplikaci: C:\WINDOWS\system32\SecurityHealthService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ucrtbase.dll
ID zprávy: 5bfea0c9-b6eb-43d9-a6fb-fd5ef8bb53c0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/25/2023 05:47:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SecurityHealthService.exe, verze: 10.0.22000.1042, časové razítko: 0x9618ea7b
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22000.1, časové razítko: 0x00e78ce9
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007dd7e
ID chybujícího procesu: 0xc14
Čas spuštění chybující aplikace: 0x01d974c8b0e03698
Cesta k chybující aplikaci: C:\WINDOWS\system32\SecurityHealthService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ucrtbase.dll
ID zprávy: de62cdae-13f2-4736-9a99-9fbeaf3c03b5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/22/2023 04:56:36 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-5QLDSND1$ přes https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 22 Apr 2023 02:56:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 801b544c-18a0-48cc-99f2-2095797d54b1

Metoda: GET(469ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/22/2023 04:56:35 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(76110ms)
Fáze: GetCACaps
Operace nebyla v požadované době dokončena. 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (04/20/2023 07:11:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-5QLDSND1$ přes https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (04/20/2023 07:11:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(140ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (04/18/2023 04:55:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22000.918, časové razítko: 0x7d80f2fe
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.22000.1574, časové razítko: 0x9e9bb144
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000834a20
ID chybujícího procesu: 0x4d54
Čas spuštění chybující aplikace: 0x01d97205afd959fd
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 32d92ba8-ead8-45d6-ad85-033b323dee3b
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22000.71_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (04/17/2023 05:22:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-5QLDSND1$ přes https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 17 Apr 2023 15:22:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 983c81db-b342-426e-9b27-0464a71fe716

Metoda: GET(265ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (04/25/2023 05:47:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/25/2023 05:47:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (04/25/2023 05:42:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5QLDSND1)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/25/2023 05:38:45 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{56BF6DDE-F136-4058-975C-123639AFEB3C}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/25/2023 05:38:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{C32F882A-8A76-4393-A8E1-BB3977F8B7CF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/25/2023 05:06:54 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{C32F882A-8A76-4393-A8E1-BB3977F8B7CF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/24/2023 05:02:19 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{C32F882A-8A76-4393-A8E1-BB3977F8B7CF}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (04/24/2023 04:58:25 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{C32F882A-8A76-4393-A8E1-BB3977F8B7CF}, protože jiný počítač v síti má stejný název. Server nelze spustit.


Windows Defender:
================
Date: 2023-04-23 03:21:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {300DA119-44E7-4CB1-9554-27086F99E30C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-20 19:30:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DBFA4894-22A8-4332-A482-4B1375D1BCCC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-17 13:30:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2E67BF94-79EE-4461-8B9B-12C346D71DD5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-07 10:40:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E5973FDD-6C23-4719-9603-084C43685495}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-28 10:33:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB7DA7E3-DC30-4ECC-ADAB-9201855F47BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-04-23 03:31:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1781.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-04-21 04:19:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1423.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-21 04:19:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1423.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-21 04:19:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1423.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-21 04:19:06
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1423.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2023-04-25 18:09:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee.com\Agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-25 18:09:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.13 03/03/2022
Motherboard: HP 86D4
Processor: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx
Percentage of memory in use: 83%
Total physical RAM: 6021.14 MB
Available physical RAM: 991.48 MB
Total Virtual: 14725.14 MB
Available Virtual: 5156.41 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.62 GB) (Free:35.13 GB) (Model: SAMSUNG MZVLQ256HAJD-000H1) NTFS

\\?\Volume{2bf7d32c-3169-4918-9ae8-3340d3a0b707}\ () (Fixed) (Total:0.58 GB) (Free:0.08 GB) NTFS
\\?\Volume{a76424e6-ecfb-463c-a9fe-cbd76488f6ff}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 52F19EB3)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
slidercz
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2014 19:19

Re: Prosím o kontrolu logu

#2 Příspěvek od slidercz »

zdravím ještě přikládám jeden poznatek dneska když jsem si ho vyzvedl a zapl tak po přihlášení do windows mi automaticky vyskočí okno v edgi s těmahle 2 stránkama

http://libittarc.com/ykT
https://oaxyteek.net/-81172JZKN/ykT?rnd ... 1682502142
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#3 Příspěvek od JaRon »

Ahoj,
najdi a zmaz subor C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat
Restart PC
Prescanuj s Adwcleanerom - log sem :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
slidercz
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2014 19:19

Re: Prosím o kontrolu logu

#4 Příspěvek od slidercz »

update.bat smazán log zde


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-26-2023
# Duration: 00:00:20
# OS: Windows 11 (Build 22000.1817)
# Scanned: 32101
# Detected: 22


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ED79E6A-06E4-48D3-BE88-85A35F3A8458}
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher
Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPCleanFLC Registry HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPCleanFLC Registry HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Lukáš Botur\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}


AdwCleaner[S00].txt - [4824 octets] - [26/04/2023 10:53:17]
AdwCleaner[C00].txt - [2256 octets] - [26/04/2023 10:54:00]
AdwCleaner[S01].txt - [5866 octets] - [26/04/2023 11:12:20]
AdwCleaner[C01].txt - [3151 octets] - [26/04/2023 11:13:20]
AdwCleaner[S02].txt - [4274 octets] - [26/04/2023 11:13:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#5 Příspěvek od JaRon »

Vycisti PC s CCleanerom vcetne registrov
Restart
Ak je McAfee nefunkny odinstaluj ho
Napis ako sa sprava PC
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
slidercz
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 18 zář 2014 19:19

Re: Prosím o kontrolu logu

#6 Příspěvek od slidercz »

Zdravím děkuji za kontrolu cleanerem jsem to projel. Mcaffe odinstaloval. A nb je svižnejší. Ještě do něj koupím SSD disk pro druhé uložiště a zvednu ramku a myslím že nb ještě pár let vydrží.
Děkuji moc.
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15214
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu logu

#7 Příspěvek od JaRon »

rado sa stalo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“