Prosím o kontrolu logu, zpomalené PC

[Irbis]

Dobrý den, prosím o kontrolu logu. PC je velmi zpomalené.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by Luděk (administrator) on DESKTOP-MDPI0UB (Gigabyte Technology Co., Ltd. GA-870A-USB3) (08-09-2023 15:58:11)
Running from C:\Users\Luděk\Desktop\FRST64.exe
Loaded Profiles: Luděk
Platform: Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE ->) () [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Luděk\AppData\Local\Vivaldi\Application\update_notifier.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [479232 2014-01-16] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [Vivaldi Update Notifier] => C:\Users\Luděk\AppData\Local\Vivaldi\Application\update_notifier.exe [1868360 2019-11-07] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [Opera Browser Assistant] => C:\Users\Luděk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP BA11 Status Monitor: C:\WINDOWS\system32\hpinkstsBA11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 6520 series): C:\WINDOWS\system32\HPDiscoPMBA11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk [2023-09-08]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 6520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH471581W505XR;CONNECTION=NW;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D50A5811-FA59-4419-9EED-04D05A8F00AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {EC7BC4ED-D860-4E92-9ED4-0D029ADE70BE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-04-07] (Adobe Inc. -> Adobe)
Task: {BBE6AED4-F3CC-4532-BB8C-13BC37399D16} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [1367552 2018-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5F7351A8-B3DE-43FA-BF52-ACFFF91DED84} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A4CA4323-1BC0-4DFD-BB56-A73D661A2FB5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "6b0ecaf3-2418-4d46-b829-99fc295db756" --version "6.15.10623" --silent
Task: {73E3E88F-61AF-4C21-8668-C24B2AA30A79} - System32\Tasks\CCleanerSkipUAC - Luděk => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {76B3499E-5BC2-4221-B31A-8231FB59B539} - System32\Tasks\GoogleUpdateTaskMachineCore{10132984-78B2-4B79-A4CF-C2288057E5D6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {AB957353-004E-4155-9614-BB1C3CABAB72} - System32\Tasks\GoogleUpdateTaskMachineUA{428DAF77-2FD7-4C6D-AD16-C1306C1430BF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {21D6A383-D9C9-499C-A1D7-74EA2BC7E151} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {E348DDE2-5992-4FDB-8025-07532E42856E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA664ADD-792C-48ED-9226-BBAAECE40BD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CDB4870-7EE2-4D10-B3E4-654787F5A977} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC3E566A-6801-40FF-B50A-7984AC7185CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD68B08B-5A19-4113-BBF9-9902DEE662B1} - System32\Tasks\Opera scheduled assistant Autoupdate 1583253520 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Luděk\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {40E04251-7723-4EF7-8974-7453E35D80EB} - System32\Tasks\Opera scheduled Autoupdate 1583253510 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f481996-2dc3-45c7-8a54-51b444d3aca5}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Luděk\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-03]

FireFox:
========
FF DefaultProfile: 9a5fzjqm.default
FF ProfilePath: C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default [2023-09-03]
FF Homepage: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:newtab
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default [2023-09-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]

Opera:
=======
OPR Profile: C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable [2023-09-08]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-07]
OPR Extension: (Opera Wallet) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-31]
OPR Extension: (Aria) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-15]
OPR Extension: (opera-intro) - C:\Users\Luděk\AppData\Local\Programs\Opera\101.0.4843.33\resources\opera_intro_extension [2023-08-08]

Vivaldi:
=======
VIV Profile: C:\Users\Luděk\AppData\Local\Vivaldi\User Data\Default [2023-09-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-01] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-08 15:58 - 2023-09-08 16:02 - 000016142 _____ C:\Users\Luděk\Desktop\FRST.txt
2023-09-08 15:55 - 2023-09-08 15:55 - 002382336 _____ (Farbar) C:\Users\Luděk\Desktop\FRST64.exe
2023-09-05 17:56 - 2023-09-05 17:56 - 000091253 _____ C:\Users\Luděk\Downloads\poi_sp1815or939.zip
2023-09-05 17:55 - 2023-09-05 17:55 - 000091867 _____ C:\Users\Luděk\Downloads\poi_sp1755or939 (2).zip
2023-08-31 13:59 - 2023-08-31 13:59 - 000000270 __RSH C:\ProgramData\ntuser.pol
2023-08-31 13:29 - 2023-08-31 13:43 - 2699055104 _____ C:\Users\Luděk\Downloads\garuda-lxqt-kwin-linux-zen-230501.iso
2023-08-30 17:08 - 2023-08-30 17:17 - 2040672256 _____ C:\Users\Luděk\Downloads\Endeavouros_Cassini_Nova-03-2023_R3.iso
2023-08-29 18:13 - 2023-08-29 18:29 - 2683869184 _____ C:\Users\Luděk\Downloads\garuda-dr460nized-linux-zen-230501.iso
2023-08-28 18:00 - 2023-08-28 18:19 - 4052418560 _____ C:\Users\Luděk\Downloads\Mageia-9-Live-Plasma-x86_64.iso
2023-08-27 17:44 - 2023-08-27 17:55 - 2607808512 _____ C:\Users\Luděk\Downloads\MX-23_KDE_x64.iso
2023-08-12 16:13 - 2023-08-12 16:13 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-08 16:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-08 16:00 - 2023-01-21 15:29 - 000000000 ____D C:\FRST
2023-09-08 15:54 - 2023-02-23 16:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-08 15:54 - 2016-03-13 11:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-08 15:53 - 2019-05-10 17:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-08 15:53 - 2019-05-10 17:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-09-08 15:24 - 2017-10-26 12:40 - 000000000 ____D C:\Program Files\CCleaner
2023-09-07 18:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-07 18:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-06 17:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-05 18:46 - 2023-02-14 13:02 - 000019606 _____ C:\Users\Luděk\Desktop\OpenRailsLog.txt
2023-09-05 18:40 - 2018-08-04 22:53 - 000000000 ____D C:\Users\Luděk\AppData\Local\CrashDumps
2023-09-05 18:11 - 2022-08-09 11:19 - 000000000 ____D C:\OpenRails
2023-09-04 17:46 - 2023-01-28 17:01 - 000000000 ____D C:\Aktualizace trati BP
2023-09-04 17:21 - 2023-02-23 17:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-04 17:21 - 2020-09-12 14:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-04 17:20 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-04 17:07 - 2016-03-11 13:09 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-04 17:05 - 2016-03-11 13:12 - 000000000 ____D C:\Users\Luděk\AppData\Local\Steam
2023-09-03 10:25 - 2020-06-14 17:29 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-03 10:25 - 2020-06-14 17:29 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-09-01 17:19 - 2023-02-23 17:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2023-09-01 17:19 - 2023-02-23 17:56 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2023-09-01 17:19 - 2023-02-23 17:26 - 000002381 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-31 11:06 - 2018-05-24 13:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-30 17:00 - 2023-02-23 17:26 - 000000000 ____D C:\Users\Luděk
2023-08-27 18:01 - 2021-09-20 15:51 - 000000000 ____D C:\Users\Luděk\AppData\Local\Rufus
2023-08-27 17:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-27 11:49 - 2021-01-24 19:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-27 11:44 - 2023-02-23 17:38 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-27 11:44 - 2019-12-07 16:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-27 11:44 - 2019-12-07 16:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-27 11:39 - 2023-02-23 17:18 - 000340680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-27 11:37 - 2022-11-08 12:16 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-27 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-26 15:56 - 2023-02-23 17:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-26 15:55 - 2022-10-19 19:02 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-26 15:55 - 2022-10-19 19:02 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-19 15:22 - 2023-02-23 17:22 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-19 14:31 - 2023-02-23 17:56 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-19 14:31 - 2023-02-23 17:56 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-19 14:24 - 2023-04-12 11:46 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1583253510
2023-08-19 14:24 - 2020-03-03 18:38 - 000001461 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-08-12 16:01 - 2016-03-07 18:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-12 15:48 - 2016-03-07 18:25 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2022-08-09 11:25 - 2022-08-09 11:25 - 000000025 _____ () C:\Users\Luděk\AppData\Roaming\alsoft.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by Luděk (08-09-2023 16:22:42)
Running from C:\Users\Luděk\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3324 (X64) (2023-02-23 15:58:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2413350920-2034389097-1973294252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2413350920-2034389097-1973294252-503 - Limited - Disabled)
Guest (S-1-5-21-2413350920-2034389097-1973294252-501 - Limited - Disabled)
Luděk (S-1-5-21-2413350920-2034389097-1973294252-1001 - Administrator - Enabled) => C:\Users\Luděk
WDAGUtilityAccount (S-1-5-21-2413350920-2034389097-1973294252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20284 - Adobe)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
BomberFUN V1.02 (HKLM-x32\...\BomberFUN V1.02) (Version: - )
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.15 - Piriform)
ConBuilder (HKLM-x32\...\ConBuilder) (Version: 2.03.0002 - WeiRuan)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dolní Kounice v2.1 (HKLM-x32\...\{B997EA27-ADE2-47BC-B4A9-A9187FD8A49E}) (Version: 2.1 - Dyk, Vačice, Bajou)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.4.0.0 - GIANTS Software)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Gaming Keyboard Driver (HKLM-x32\...\{4860EC50-3BEE-4AD4-9A52-D1D7CF92C592}) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.180 - Google LLC)
HP Deskjet 6520 series Nápověda (HKLM-x32\...\{CB98887B-0D5D-482A-8039-102F60DAA960}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 5.1 Help Pack (Czech) (HKLM\...\{CF75D6E3-00A3-4BB1-815C-0BBB999324CF}) (Version: 5.1.1.3 - The Document Foundation)
LibreOffice 5.1.1.3 (HKLM\...\{407B69E0-F7D7-45E2-AC19-96134B0294A2}) (Version: 5.1.1.3 - The Document Foundation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\OneDriveSetup.exe) (Version: 23.169.0813.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKVToolNix 51.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 51.0.0 - Moritz Bunkus)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Rails 1.4 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.4 - Open Rails Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 101.0.4843.43 (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Opera 101.0.4843.43) (Version: 101.0.4843.43 - Opera Software)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.2183 - Microsoft Corporation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SMPlayer 16.4.0 (x64) (HKLM\...\SMPlayer) (Version: 16.4.0 - Ricardo Villalba)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trať Bratislava-Brno-Praha pro MSTS verze BP95.20-T13OR/21.03.2 (HKLM-x32\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vivaldi (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Vivaldi) (Version: 2.9.1705.41 - Vivaldi Technologies AS.)
Základní software zařízení HP Deskjet 6520 series (HKLM\...\{E0365A88-9BCE-4E15-98C5-21F454C7479F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.250.400.0_x64__kgqvnymyfvs32 [2023-08-29] (king.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-20] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-29] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0 [2023-09-01] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2023-02-23] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2413350920-2034389097-1973294252-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Luděk\AppData\Local\Vivaldi\Application\2.9.1705.41\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-08-28 19:36 - 2014-01-10 16:01 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll
2016-08-28 19:36 - 2014-06-23 09:58 - 000057344 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\lan.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 17:43 - 2015-11-04 17:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 17:43 - 2015-11-04 17:43 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-11-15 16:40 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luděk\Desktop\04.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A93F5D6F-EF6B-40BA-ABBB-C5FE3D3E727F}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{E7652214-B165-43D1-B61C-8253CDE8FBE4}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{DCD664F8-6CFB-4F6C-95B2-E67391D95F39}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{89733AC4-56D4-4C4D-8CB6-2ACF47255A88}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{1069A213-6C57-4D31-BC22-B3DA47D699D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [{78ABEC01-D2C1-4AAA-AE13-92284106D4AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [{031BADA1-78FC-400D-B655-3C1F577ED47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{59734E27-FF46-4D5B-AAF7-2140B7053E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{081441BF-23BF-4705-864B-7AF0FB551E3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{8A2BEFAB-3AF2-4B8F-A1F6-16B877795CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{48D88520-5094-4192-9F62-0D5E2B037BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{4C387352-FDC8-4944-BCDD-181FC6FADF22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{241AF613-6422-4F70-BB99-5A269BD7F73F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD64A906-5282-4944-9764-DC8AFD732483}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7BD95FC3-D0FE-44D6-BD7A-AE0984B6C69A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{426C08BD-211C-46D5-AC20-9559816DC8C3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{38800719-7A9A-4CF3-8FB0-59FFABD3A30D}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{584CC4F1-36B3-4E0B-950D-A6450CE09DF5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{27F63A43-C233-4699-A3DE-D9DA052DC1D8}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{5B4D5438-B92D-4902-A212-D7A6FBD6E979}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{A4CE6DE5-D5CE-4C63-AC4E-B04EDC316D0E}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{6769A318-1795-4A62-B2AF-2E4E2DCCF199}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{0587E1A2-CD53-4846-A0ED-932212A520D5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{15F6940B-8956-4508-9026-1635FF597393}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8315A6EE-10C1-4756-B662-684C7C8C61B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5C6661D2-A8BF-474C-8071-1CA5D81D937D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CDD8E730-DEE0-4241-9E1B-7CDF2EF2A75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{7ABA0ABF-410C-4443-BFFD-C3AD37E0E53C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{BF8844B1-A38C-4093-8708-78F4FB6781DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DA92E787-8953-423B-ABE2-5A1E7DAE16DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D8671BFA-510A-480F-90C8-4DFAD3B63D48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{282BF0BA-B9B2-4CEB-9F10-BA7F8916595C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D94231E5-6747-45B4-ADBE-7754795123FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{552A216C-6536-4188-9B2A-7B249A5ABAFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E3173B8-9EFE-40BC-86A3-82A11552EEE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB5EE641-7BE4-488A-91F8-72C3BF2C95F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{96310F6F-17EE-420A-88C3-85C33409726D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B15C4E2-2BDD-4F04-9748-8A4C5E1B77BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6D4728C5-D1FD-4CA4-BB45-5AEA6E1512E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{035E7C67-1237-4AC3-8854-826BD3736A21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{18114D56-E2A7-4970-824A-6BE36BE36D10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{09A283D9-82DF-4783-A8C3-307138608634}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.219.941.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20889CA1-88DC-4481-BDFF-F1DAB6F44D88}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C40BDD35-8F34-4B8D-B0B6-7435FCCE2E45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CF596A83-F317-4994-AFB5-CA8021775F5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1CCDE933-3A67-438B-8B69-B87B25BE26C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{43AD490E-5061-4F06-953D-668E1B8175B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{44094F7F-A630-4EF3-8F5C-F5CDAB5C1596}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

04-09-2023 16:15:22 Instalační služba modulů systému Windows
06-09-2023 18:28:34 Instalační služba modulů systému Windows
07-09-2023 18:29:55 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/05/2023 06:42:08 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-MDPI0UB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/05/2023 06:42:08 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-MDPI0UB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (09/05/2023 06:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RunActivity.exe, verze: 0.0.8094.34704, časové razítko: 0x621d1191
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3324, časové razítko: 0xbe39fd8b
Kód výjimky: 0xe0434352
Posun chyby: 0x0013d8c2
ID chybujícího procesu: 0x1bcc
Čas spuštění chybující aplikace: 0x01d9e01796a76a27
Cesta k chybující aplikaci: C:\OpenRails\RunActivity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f6171792-1849-4bab-ac1a-3970ec618591
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/05/2023 06:39:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: RunActivity.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: SharpDX.SharpDXException
na SharpDX.Result.CheckError()
na SharpDX.DXGI.SwapChain.SetFullscreenState(SharpDX.Mathematics.Interop.RawBool, SharpDX.DXGI.Output)
na Microsoft.Xna.Framework.Graphics.GraphicsDevice.SetHardwareFullscreen()
na MonoGame.Framework.WinFormsGameWindow.EnterFullScreen(Microsoft.Xna.Framework.Graphics.PresentationParameters)
na MonoGame.Framework.WinFormsGameWindow.Initialize(Microsoft.Xna.Framework.Graphics.PresentationParameters)
na MonoGame.Framework.WinFormsGamePlatform.BeforeInitialize()
na Microsoft.Xna.Framework.Game.DoInitialize()
na Microsoft.Xna.Framework.Game.Run(Microsoft.Xna.Framework.GameRunBehavior)
na Orts.Program.Main(System.String[])

Error: (09/05/2023 06:29:48 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-MDPI0UB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/05/2023 06:29:48 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-MDPI0UB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (09/05/2023 06:18:20 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-MDPI0UB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/05/2023 06:18:20 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-MDPI0UB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (09/08/2023 03:28:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.397.605.0).

Error: (09/04/2023 05:27:58 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (09/04/2023 05:27:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Malwarebytes Service neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (09/04/2023 05:23:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.StateRepository.ApplicationExtension se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/31/2023 01:59:21 PM) (Source: Virtual Disk Service) (EventID: 8) (User: )
Description: Otevření zařízení \\?\usbstor#disk&ven_vendorco&prod_productcode&rev_2.00#560650d01a6a230f&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} se nezdařilo. Kód chyby: 5@020D0002

Error: (08/31/2023 01:12:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hostitel synchronizace_24f6b3e bylo dosaženo časového limitu (30000 ms).

Error: (08/31/2023 01:09:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/31/2023 12:08:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2023-04-19 17:41:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A42F13D0-56D0-4664-AB9F-8591368797AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2023-04-19 17:41:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {35D089B2-E408-4689-A660-2B85607E9F9A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2023-04-13 15:41:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2DA7F6C8-35D4-409E-9319-DE57995CBF66}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2023-04-03 16:54:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4A22B6FF-4623-4B98-8E75-6AC5D769935E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-09-01 17:12:53
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.89.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-09-01 17:12:53
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.89.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-08-26 15:12:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.395.1065.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-08-26 15:12:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.395.1065.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-08-26 15:12:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.395.1065.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23070.1005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===============
Date: 2023-09-04 17:27:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-12 11:31:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 03/09/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-870A-USB3
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 62%
Total physical RAM: 4093.55 MB
Available physical RAM: 1541.63 MB
Total Virtual: 9097.45 MB
Available Virtual: 5825.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.52 GB) (Free:506.81 GB) (Model: WDC WD10EALX-759BA1 ATA Device) NTFS

\\?\Volume{0008e4fc-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0008e4fc-0000-0000-0000-d0c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008E4FC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Irbis]

Restartovat nebylo potřeba, AdwCleaner nic nenašel.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-08-2023
# Duration: 00:01:06
# OS: Windows 10 (Build 19045.3324)
# Scanned: 32109
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1420 octets] - [21/01/2023 15:32:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {76B3499E-5BC2-4221-B31A-8231FB59B539} - System32\Tasks\GoogleUpdateTaskMachineCore{10132984-78B2-4B79-A4CF-C2288057E5D6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {AB957353-004E-4155-9614-BB1C3CABAB72} - System32\Tasks\GoogleUpdateTaskMachineUA{428DAF77-2FD7-4C6D-AD16-C1306C1430BF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Irbis]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by Luděk (09-09-2023 11:37:32) Run:2
Running from C:\Users\Luděk\Desktop
Loaded Profiles: Luděk
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {76B3499E-5BC2-4221-B31A-8231FB59B539} - System32\Tasks\GoogleUpdateTaskMachineCore{10132984-78B2-4B79-A4CF-C2288057E5D6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {AB957353-004E-4155-9614-BB1C3CABAB72} - System32\Tasks\GoogleUpdateTaskMachineUA{428DAF77-2FD7-4C6D-AD16-C1306C1430BF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully

"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{76B3499E-5BC2-4221-B31A-8231FB59B539}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76B3499E-5BC2-4221-B31A-8231FB59B539}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{10132984-78B2-4B79-A4CF-C2288057E5D6} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{10132984-78B2-4B79-A4CF-C2288057E5D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB957353-004E-4155-9614-BB1C3CABAB72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB957353-004E-4155-9614-BB1C3CABAB72}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{428DAF77-2FD7-4C6D-AD16-C1306C1430BF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{428DAF77-2FD7-4C6D-AD16-C1306C1430BF}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14859774 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 423527580 B
Windows/system/drivers => 1919512 B
Edge => 0 B
Chrome => 229376 B
Vivaldi => 158698 B
Firefox => 0 B
Opera => 123041848 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 5476896 B
Luděk => 108033155 B

RecycleBin => 0 B
EmptyTemp: => 645.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:39:38 ====

[Rudy]

Smazáno. Zrychlil se chod?

[Irbis]

Že by se nějak zrychlil, to se úplně nedá říct. Akorát, nemám tam vir? Já jsem tam zadal jednu stránku z SMS zprávy, a to byla podvodná stránka. Sice jsem na ni jenom najel, ale teď mám strach, zda se mi něco nedostalo do PC. Takže mám ho skutečně čistý?

[Rudy]

Virus tam není, jen zbytečnosti. Ty jsme odstranili. Je to v pořádku. Pokud chcete ještě o něco zrychlit chod, defragmentujte disk.

[Irbis]

Tak moc děkuji za pomoc.

[Rudy]

Rádo se stalo!