Please check and fix errors

pedrolow
Visitor
Posts: 3
Registered: 22 Feb 2024 13:11

#1 Post by pedrolow »

Hello,

I would be very grateful for a check and suggested fixes.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2024 02
Ran by unigl (22-02-2024 12:42:15)
Running from C:\Users\unigl\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2023-09-01 10:54:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4206321900-3256822646-2102545685-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4206321900-3256822646-2102545685-503 - Limited - Disabled)
Guest (S-1-5-21-4206321900-3256822646-2102545685-501 - Limited - Enabled)
unigl (S-1-5-21-4206321900-3256822646-2102545685-1001 - Administrator - Enabled) => C:\Users\unigl
WDAGUtilityAccount (S-1-5-21-4206321900-3256822646-2102545685-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\uTorrent) (Version: 3.6.0.47006 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Call of Duty Modern Warfare 2 Campaign Remastered v. 1.1.1.1279145 (HKLM-x32\...\Call of Duty Modern Warfare 2 Campaign Remastered_is1) (Version: - )
DraftSight 2023 SP3 x64 (HKLM\...\{C71B9368-123F-44BB-82F6-5C53C6B75066}) (Version: 23.3.0025 - Dassault Systemes)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.133.0.5646 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{808115f5-372e-4994-b758-514aa090a54d}) (Version: 13.133.0.5646 - Electronic Arts)
EA SPORTS FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.85.48150 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.187 - Google LLC)
Chrome Remote Desktop Host (HKLM-x32\...\{3AD6E7D6-4AED-4BE4-BD97-0D2D815EF181}) (Version: 122.0.6261.0 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.375 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{148D6ED8-24B8-443D-9C5B-5D6BF506671B}) (Version: 10.1.17903.8106 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{C6577DC3-0C37-48BF-817B-54941E2A9D5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{7715518B-08D0-4754-BB81-FE4FC61DFDF7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4C230277-5515-4B51-B9E6-97880684B10C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6617 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Microsoft .NET Host - 6.0.21 (x64) (HKLM\...\{26FF35F7-ADBB-4C9F-97DA-79120DB80EC6}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10531 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8694.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Way of the Hunter (HKLM-x32\...\1350104287_is1) (Version: 1.25b - GOG.com)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\6fb9b06d4f88696fefb20724a4424de3) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\51e33e4ab6fb98be1d8352b477e9e465) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\7c321199c15af17d480c7d88a460203b) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\cb87c2b9b84116177b1430c670f3f8de) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\24d1b98abdad683ba6db3b9a88d914ba) (Version: 1.0 - Google\Chrome)
Vzdálená plocha Chrome (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\c32e19182aaaf4dbd4413d41ae0ae674) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\7a7affc14752174e389cd28bcc96bd5f) (Version: 1.0 - Google\Chrome)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-15] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-02-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-02-11] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation) [Startup Task]
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-10-12] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-13] (NVIDIA Corp.)
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2402.2402.12001.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\unigl\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cmkncekebbebpfilplodngbpllndjkfo\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\Control Panel\Desktop\\Wallpaper -> c:\users\unigl\appdata\local\microsoft\windows\themes\beach tim\desktopbackground\01 gettyimages-1170458461_resized.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: DDVCollectorSvcApi => 2
MSCONFIG\Services: DDVDataCollector => 2
MSCONFIG\Services: DDVRulesProcessor => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: DellTechHub => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: MicrosoftEdgeElevationService => 3
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CA8893526DA595542D4789D1145D5425"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{01BC3B94-41AE-4896-B12C-DBEC41DE1EBE}C:\program files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{49ADC446-B825-4770-B38C-671B74FF6A82}C:\program files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6CA7479A-4206-497E-8DA4-E6A4BD9D4B5D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{02DEE30B-47EE-4CD3-AFF4-8AF7E3110043}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D3A65F8B-44F7-4196-A9C2-123CB44BAA73}D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe] => (Allow) D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{8A1BF716-2616-4A14-9EC4-ECA9CFC4FE8A}D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe] => (Allow) D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{1838CC55-32C8-480C-A069-3E48AED5F2B6}C:\users\unigl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\unigl\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{103A716F-38B7-4242-8AF2-D829B53DC333}C:\users\unigl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\unigl\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{8D12593C-9641-4F4A-8516-3C5811F9A6F1}D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Allow) D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe (Activision Publishing Inc -> Activision) [File not signed]
FirewallRules: [UDP Query User{9682F152-F117-4C10-BAF7-7CF6CB6F82A7}D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Allow) D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe (Activision Publishing Inc -> Activision) [File not signed]
FirewallRules: [{5A3C99FB-8480-4BF6-85E6-8E6572E01EF5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\122.0.6261.0\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{93FDFAC1-CDA4-475A-976D-722F1AE31C79}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{426AD73F-97DA-466B-81CC-E42B251DE8DA}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{06EF3345-B8E9-495E-BD02-A9A291D4FCE3}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{008BDD13-9A6C-4689-BFF6-7E35B0685972}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{617B14C6-5B12-436A-9B89-83FA201D567D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File
FirewallRules: [{CFFD5907-A41E-40F1-98B0-79503A550C9D}] => (Allow) C:\Program Files\EA Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F0B91869-1E9B-4DB2-A80D-DCC65F116E5A}] => (Allow) C:\Program Files\EA Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8DB30B22-6F9D-4C7B-A3BC-B9F92FAFB752}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E21181F6-F204-4257-8CAB-B47BA34D0F93}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AECB1237-427D-4164-8B27-03DE8DA6EA82}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{32ED9914-7741-4B49-A761-EBB8490FB0AA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2AEB749D-B60F-4780-B0FC-316A31CB0BAE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D79CDD41-4C5D-4F70-85DE-B99CEE69DDB2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{28B76544-DA88-49E1-8FDB-3448C150DA45}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{637E6E07-77C5-494A-8CFB-D7D7EED9DEF7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{44A30D32-14F4-423F-9BF4-2B8357B5E80B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{966BA8BD-2AE0-49BC-AF1E-385098A9A4F9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7279517B-9637-44F0-BDF5-A5DA5B8417D7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8C1006DA-5619-4C58-A952-20ADC88B6D99}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================

19-02-2024 13:26:15 EA app
21-02-2024 15:13:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
21-02-2024 15:13:42 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
22-02-2024 10:03:10 Removed Microsoft GameInput

==================== Faulty Device Manager Devices ============

Name: Technologie Intel(R) Smart Sound OED
Description: Technologie Intel(R) Smart Sound OED
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcOED
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2024 10:27:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (02/22/2024 10:27:32 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (02/22/2024 10:26:17 AM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00007ffc2f1a76ae
ID chybujícího procesu: 0x0x2d20
Čas spuštění chybující aplikace: 0x0x1da656ee743b69c
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: b160361f-85db-4dfe-bd9a-7c9626a859e9
Úplný název chybujícího balíčku: Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.Xbox.App

Error: (02/21/2024 10:31:44 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x26f8
Čas spuštění chybující aplikace: 0x0x1da650d5ccae55f
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 5697eee5-1b5d-4238-bdae-99fbd7897242
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 10:31:41 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x234c
Čas spuštění chybující aplikace: 0x0x1da650d5a871dfd
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: c8ca0cfe-3fd0-47ea-9298-4de481623ec8
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 10:31:34 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x16cc
Čas spuštění chybující aplikace: 0x0x1da650d540b1cbd
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 8a94403d-7eab-4ce7-a250-2e37dfef48db
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 02:55:08 PM) (Source: Application) (EventID: 1) (User: )
Description: Event-ID 1

Error: (02/21/2024 10:59:22 AM) (Source: Application) (EventID: 1) (User: )
Description: Event-ID 1


System errors:
=============
Error: (02/22/2024 12:04:26 PM) (Source: DCOM) (EventID: 10010) (User: GOGO_PC)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2024 10:35:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba igfxCUIService2.0.0.0 závisí na službě SENS, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (02/22/2024 10:35:37 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:35:36 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:35:34 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-02-22 03:19:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B158DCB9-A851-4323-B487-61335F30D62C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-21 22:30:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C7F67E52-6BDF-470F-9FD3-7455A4C7A1C8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-21 12:20:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {11FCB6A8-557C-43E9-8A81-26B9910A9E3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-19 22:34:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {637BCA5D-493A-4F37-B657-382ED19F8DBB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-19 14:59:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {33A6AC08-8E62-479A-935F-C1ABF98561F4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-02-22 01:13:26
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 51
Aktuální prahová hodnota: 3735609

Date: 2024-02-22 01:04:13
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 50
Aktuální prahová hodnota: 3735609

Date: 2024-02-22 00:53:43
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 49
Aktuální prahová hodnota: 3735609

Date: 2023-11-29 10:48:00
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 57
Aktuální prahová hodnota: 3735609

Date: 2023-11-29 10:38:40
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 56
Aktuální prahová hodnota: 3735609

CodeIntegrity:
===============
Date: 2023-12-04 16:29:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-28 23:09:53
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Dell Inc. 1.16.0 12/14/2021
Motherboard: Dell Inc. 0VFVNR
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8036.81 MB
Available physical RAM: 4245.98 MB
Total Virtual: 16740.81 MB
Available Virtual: 10963.17 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.34 GB) (Free:95.28 GB) (Model: BC501 NVMe SK hynix 256GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:424.74 GB) (Model: ST1000LM035-1RK172) NTFS

\\?\Volume{e1c04f3b-c99c-411c-a771-f9951377bf69}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.06 GB) NTFS
\\?\Volume{cae6b7bf-16d7-4af6-a402-49172a61d04b}\ (Image) (Fixed) (Total:15.16 GB) (Free:0.15 GB) NTFS
\\?\Volume{ec4c7600-3f57-4b6e-8f79-9b8773823385}\ (DELLSUPPORT) (Fixed) (Total:1.23 GB) (Free:0.4 GB) NTFS
\\?\Volume{99876d80-3da3-48aa-9859-d8c6f22ce6d7}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 284F5D41)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 284F5844)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check and fix the errors

#2 Post by Rudy »

Hello!
The FRST log is missing. You will find it on the desktop in the file frst.txt. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

pedrolow
Visitor
Posts: 3
Registered: 22 Feb 2024 13:11

Re: Please check and fix the errors

#3 Post by pedrolow »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
Ran by unigl (administrator) on GOGO_PC (Dell Inc. G3 3590) (22-02-2024 12:41:11)
Running from C:\Users\unigl\Desktop\FRST64.exe
Loaded Profiles: unigl
Platform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3073_none_e9771ec042bad855\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [873976 2019-05-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.187\Installer\chrmstp.exe [2024-02-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {1FA7DD15-9360-48E6-B508-BAE31EABFA0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {687CB701-A669-4CF8-B70E-80059B603892} - System32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-12] (Google LLC -> Google LLC)
Task: {D48CF43E-0C21-48A8-B053-A6822F8C6AB5} - System32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-12] (Google LLC -> Google LLC)
Task: {60F4808A-B05C-41DF-A608-9653F850B229} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7684857-0539-4910-9574-1E7E8EE5C3FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7180413-5674-4717-961F-C67F2601760C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0813B751-3A92-4ADF-856B-7AC59E6EEF9E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE4E6670-4117-4B79-A127-67C4FC676EAE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {7F77C5FC-9809-44DC-B1A7-71E84501BDFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C6D182A-656B-49C8-BCC2-1FC2EBCC5C6A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2649DECD-8B36-4240-9CF8-9ABAE04548E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {05ADFD6F-60A7-4A37-8F60-ED2E2C4A61CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FB98E2B-31C5-49F1-9485-5B71E21857A3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B6C834C-C817-4BBE-8F08-D63B814969F4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF80E7CC-786E-4671-8ABF-D45F5C27227A} - System32\Tasks\Opera scheduled Autoupdate 1706874079 => C:\Users\unigl\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-31] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{769a924c-b032-4a2c-a940-8b6e91c50654}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{769a924c-b032-4a2c-a940-8b6e91c50654}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8ca6bab5-7671-435b-bda0-da848df7c0ce}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-03]
Edge Extension: (Edge relevant text changes) - C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-10]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default [2024-02-22]
CHR HomePage: Default -> hxxp://www.ask.com/?l=dis&o=41648005cr&gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2024-02-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-01]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnppmochppgeilojkicdoghhgfnaaig [2023-09-01]
CHR Extension: (Úžasný snímek obrazovky a záznam obrazovky) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2024-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-01]
CHR Extension: (Snímání obrazovky - Nástroj pro snímání obrazovky) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmnphobdokkajkpbkajlaiooipfcpgio [2024-02-02]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-22]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-08]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-22]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-18]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-22]
CHR HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\122.0.6261.0\remoting_host.exe [73504 2024-01-23] (Google LLC -> Google LLC)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [132384 2023-05-11] (DASSAULT SYSTEMES SE -> Dassault Systèmes)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [53217096 2024-02-14] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12094568 2024-02-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1926840 2022-07-15] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2022-01-23] (Qualcomm Atheros, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Amfilter; C:\WINDOWS\System32\drivers\Amfltx64.sys [12288 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amps2prt; C:\WINDOWS\System32\drivers\Amps2x64.sys [21504 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
S3 Amusbprt; C:\WINDOWS\System32\drivers\Amusbx64.sys [17920 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [43496 2023-04-09] (IndiLogic LLC -> Dell Inc.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MpKsleaeb8ecc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E03CE832-C6AC-4A33-98EA-458156B6801A}\MpKslDrv.sys [272664 2024-02-22] (Microsoft Windows -> Microsoft Corporation)
S1 ndextlag; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [59696 2023-03-16] (WHIMSTERS FINANCIAL SOLUTIONS LTD -> Skowsand Tecnologia LTDA)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WOVAD; C:\WINDOWS\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 DellWAL; \??\C:\Program Files\Dell\DellDataVault\DDDriver64Dcsa.sys [X]
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-22 12:41 - 2024-02-22 12:41 - 000021847 _____ C:\Users\unigl\Desktop\FRST.txt
2024-02-22 12:39 - 2024-02-22 12:39 - 000020438 _____ C:\Users\unigl\Downloads\[SkT]Prince_of_Persia_The_Lost_Crown_2024__Deluxe_Edition_Nintendo_Switch_Emulator_.torrent
2024-02-22 10:42 - 2024-02-22 10:42 - 000728678 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-22 10:42 - 2024-02-22 10:42 - 000151894 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-22 10:35 - 2024-02-22 10:35 - 000000008 _____ C:\ProgramData\ntuser.pol
2024-02-22 10:20 - 2024-02-22 12:41 - 000000000 ____D C:\FRST
2024-02-22 10:19 - 2024-02-22 10:19 - 002386944 _____ (Farbar) C:\Users\unigl\Desktop\FRST64.exe
2024-02-22 02:25 - 2024-02-22 02:25 - 000000000 ____D C:\WINDOWS\pss
2024-02-22 02:18 - 2024-02-22 02:18 - 000000000 ____D C:\Users\unigl\AppData\Local\ElevatedDiagnostics
2024-02-21 15:18 - 2024-02-21 20:59 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\FC 24
2024-02-20 04:17 - 2024-02-20 04:17 - 000000000 ____D C:\Users\unigl\AppData\Local\WayOfTheHunter
2024-02-20 00:30 - 2024-02-20 00:30 - 000000860 _____ C:\Users\Public\Desktop\Way of the Hunter.lnk
2024-02-20 00:30 - 2024-02-20 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Way of the Hunter [GOG.com]
2024-02-20 00:29 - 2024-02-20 00:29 - 000000000 ____D C:\ProgramData\GOG.com
2024-02-19 15:22 - 2024-02-19 15:22 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\Messenger
2024-02-19 15:22 - 2024-02-19 15:22 - 000000000 ____D C:\Users\unigl\AppData\Local\Messenger
2024-02-19 14:38 - 2024-02-21 15:19 - 000000000 ____D C:\Program Files\EA
2024-02-19 14:38 - 2024-02-19 14:38 - 000001200 _____ C:\Users\Public\Desktop\EA SPORTS FC 24.lnk
2024-02-19 14:38 - 2024-02-19 14:38 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-02-19 14:38 - 2024-02-19 14:38 - 000000000 ____D C:\ProgramData\eaanticheat
2024-02-19 13:26 - 2024-02-21 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-02-19 13:26 - 2024-02-21 22:22 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-19 13:26 - 2024-02-19 13:26 - 000000000 ____D C:\Users\unigl\AppData\Local\Electronic Arts
2024-02-19 13:26 - 2024-02-19 13:26 - 000000000 ____D C:\Users\unigl\AppData\Local\EADesktop
2024-02-17 14:23 - 2024-02-17 14:23 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\CPY_SAVES
2024-02-16 13:38 - 2024-02-16 13:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-16 13:01 - 2024-02-16 13:01 - 000000651 _____ C:\Users\Public\Desktop\Steam.lnk
2024-02-16 13:01 - 2024-02-16 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-16 10:35 - 2024-02-19 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2024-02-16 10:34 - 2024-02-16 10:34 - 000000000 ____D C:\Users\unigl\AppData\Local\messenger-updater
2024-02-14 10:14 - 2024-02-14 10:15 - 000000000 ___HD C:\$WinREAgent
2024-02-13 15:22 - 2024-02-08 09:25 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001278824 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-13 15:22 - 2024-02-08 09:25 - 001278824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001434368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001434368 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001542176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001199224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 000842376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-13 15:22 - 2024-02-08 09:19 - 000786960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-13 15:21 - 2024-02-08 09:18 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-13 15:21 - 2024-02-08 09:17 - 016033312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 012928648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 006780424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 005909112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 003721232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-13 15:21 - 2024-02-08 09:15 - 006030992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-13 15:21 - 2024-02-07 23:49 - 000120261 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-13 12:21 - 2024-02-13 12:21 - 000002677 _____ C:\Users\unigl\Desktop\Vzdálená plocha Chrome.lnk
2024-02-13 02:18 - 2024-02-20 04:11 - 000000000 ____D C:\Users\unigl\AppData\Local\ChemTable Software
2024-02-11 14:22 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp6261.tmp
2024-02-11 13:59 - 2024-02-11 14:22 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Ubisoft
2024-02-11 13:59 - 2024-02-11 14:22 - 000000000 ____D C:\Users\unigl\AppData\Local\SKIDROW
2024-02-11 13:38 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp2144.tmp
2024-02-11 13:38 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp2134.tmp
2024-02-10 23:14 - 2024-02-22 00:13 - 000000000 ____D C:\Users\unigl\Desktop\ISLC v1.0.3.0
2024-02-02 19:25 - 2024-02-02 19:25 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\uTorrent.WebView2
2024-02-02 19:24 - 2024-02-02 19:24 - 000000937 _____ C:\Users\unigl\Desktop\µTorrent.lnk
2024-02-02 14:30 - 2024-02-12 22:48 - 000000000 ___HD C:\Users\unigl\.opera
2024-02-02 14:10 - 2024-02-20 12:33 - 000000000 ____D C:\Users\unigl\.fontconfig
2024-02-02 14:10 - 2024-02-02 14:10 - 000000000 ____D C:\Users\unigl\AppData\Local\converter
2024-02-02 14:09 - 2024-02-02 14:09 - 000012553 _____ C:\ProgramData\sguasgrp.vby
2024-02-02 14:09 - 2024-02-02 14:09 - 000000016 _____ C:\ProgramData\mntemp
2024-02-02 14:09 - 2024-02-02 14:09 - 000000000 ____D C:\Users\unigl\AppData\Local\Movavi
2024-02-02 14:09 - 2024-02-02 14:09 - 000000000 ____D C:\ProgramData\movavi
2024-02-02 14:04 - 2024-02-02 14:04 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\Users\unigl\AppData\Local\Wondershare
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\ProgramData\Wondershare
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\Program Files\Wondershare
2024-02-02 14:03 - 2024-02-02 14:04 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Wondershare
2024-02-02 12:41 - 2024-02-13 02:27 - 000003632 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1706874079
2024-02-02 12:41 - 2024-02-02 12:41 - 000000000 ____D C:\Users\unigl\AppData\Local\Opera Software
2024-02-02 12:40 - 2024-02-02 12:40 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Opera Software
2024-02-01 23:38 - 2024-02-21 22:32 - 000001911 _____ C:\Users\unigl\Desktop\EA.lnk
2024-02-01 23:33 - 2024-02-01 23:33 - 000001563 _____ C:\Users\unigl\Desktop\Zástupce Plocha (OneDrive - Osobní).lnk
2024-02-01 08:25 - 2024-02-20 12:33 - 000000000 ____D C:\EADesktopDev
2024-02-01 02:50 - 2024-01-18 12:32 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-01-29 02:19 - 2024-01-29 02:19 - 000000000 ____D C:\Users\unigl\AppData\Roaming\NVIDIA
2024-01-29 00:04 - 2024-02-21 22:19 - 000000000 ____D C:\Users\unigl\AppData\Local\NVIDIA Corporation
2024-01-29 00:04 - 2024-02-20 12:30 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-29 00:04 - 2024-02-20 12:30 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-24 16:41 - 2024-01-24 16:41 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-24 16:40 - 2024-01-24 16:40 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-22 12:04 - 2023-10-12 08:30 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-22 12:04 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-22 12:04 - 2023-09-01 12:06 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Soubory aplikace Outlook
2024-02-22 12:03 - 2023-09-01 12:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-22 10:42 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\INF
2024-02-22 10:42 - 2023-09-01 11:55 - 001718876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-22 10:35 - 2023-12-10 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-22 10:35 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-22 10:35 - 2023-09-01 11:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-22 10:35 - 2023-09-01 11:48 - 000000000 ____D C:\ProgramData\Goodix
2024-02-22 10:35 - 2023-09-01 11:47 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-22 10:34 - 2023-09-01 12:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-22 10:34 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-02-22 10:29 - 2023-09-01 11:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-22 10:26 - 2023-09-25 07:58 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\Temp
2024-02-22 10:26 - 2023-09-01 14:50 - 000000000 ____D C:\Users\unigl\AppData\Local\CrashDumps
2024-02-22 02:04 - 2023-10-12 08:31 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-22 02:04 - 2023-10-12 08:31 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-21 22:43 - 2023-09-01 12:31 - 000000000 ____D C:\WINDOWS\Panther
2024-02-21 22:23 - 2023-09-01 12:22 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-21 22:19 - 2019-10-04 10:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-21 22:18 - 2023-12-10 11:31 - 000000000 ____D C:\Users\unigl\AppData\Local\NVIDIA
2024-02-21 22:18 - 2023-12-10 11:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-21 22:18 - 2019-10-04 10:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-21 18:43 - 2023-09-01 12:00 - 000000000 ____D C:\Users\unigl
2024-02-21 18:15 - 2023-10-27 05:13 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-21 18:15 - 2023-08-30 20:09 - 007814706 ____N C:\WINDOWS\Minidump\022124-10140-01.dmp
2024-02-21 17:23 - 2023-09-13 15:14 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Excel
2024-02-21 15:10 - 2023-09-01 12:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-21 15:10 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-21 15:10 - 2023-09-01 12:04 - 000000000 ____D C:\Users\unigl\AppData\Local\Packages
2024-02-21 14:53 - 2023-09-27 09:56 - 000000000 ____D C:\Users\unigl\AppData\Roaming\uTorrent
2024-02-21 00:56 - 2023-09-01 15:39 - 000000000 ____D C:\ProgramData\Packer
2024-02-20 12:22 - 2019-10-04 11:07 - 000000000 ____D C:\ProgramData\Packages
2024-02-20 12:12 - 2023-12-10 11:41 - 000000000 ____D C:\Users\unigl\AppData\Local\D3DSCache
2024-02-20 08:44 - 2023-09-04 11:36 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Word
2024-02-19 15:27 - 2023-09-04 09:57 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-19 14:43 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-19 13:28 - 2023-09-01 12:37 - 000000000 ____D C:\Program Files\EA Games
2024-02-19 13:26 - 2023-09-01 12:37 - 000000000 ____D C:\Program Files\Electronic Arts
2024-02-19 13:26 - 2019-10-04 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-17 14:16 - 2023-09-01 12:05 - 000000000 ____D C:\Users\unigl\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 11:41 - 2023-09-13 20:00 - 002713080 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000689656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000202344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-02-17 11:41 - 2023-09-13 20:00 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-02-16 13:37 - 2019-10-04 10:56 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-16 13:07 - 2023-09-17 07:47 - 000000000 ____D C:\Users\unigl\AppData\Local\Steam
2024-02-16 02:06 - 2023-11-30 17:34 - 000000000 ____D C:\Users\unigl\AppData\Local\ExitLag
2024-02-15 12:36 - 2023-09-04 09:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-15 12:36 - 2023-09-04 09:57 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-15 11:52 - 2023-09-01 12:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 11:14 - 2023-09-01 12:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 10:55 - 2023-09-26 22:02 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 10:23 - 2023-09-01 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 10:21 - 2023-09-01 12:34 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 10:17 - 2023-09-01 11:49 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-13 12:21 - 2023-09-01 12:58 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2024-02-11 18:38 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\registration
2024-02-08 09:15 - 2024-01-22 04:55 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-06 14:13 - 2023-09-01 11:47 - 000333136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-06 14:12 - 2023-09-01 17:33 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-02 16:28 - 2023-09-01 12:06 - 000000000 ___RD C:\Users\unigl\OneDrive
2024-02-01 22:23 - 2023-09-01 11:55 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{19C3585E-E7D3-455E-852F-E553EF928B93}
2024-02-01 22:23 - 2023-09-01 11:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{0C9914C2-5F8B-4AC7-9971-8D2D4818A0AB}
2024-02-01 00:58 - 2023-10-12 08:30 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
2024-02-01 00:58 - 2023-10-12 08:30 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
2024-01-29 00:07 - 2023-09-04 09:57 - 000000000 ____D C:\Users\unigl\.ms-ad
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\UUS
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-01-23 15:12 - 2023-09-01 12:06 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Scanned Documents

==================== Files in the root of some directories ========

2023-10-12 21:34 - 2023-11-28 15:57 - 000007627 _____ () C:\Users\unigl\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check and fix errors

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)
C:\WINDOWS\SysWOW64\tmp6261.tmp
C:\WINDOWS\SysWOW64\tmp2144.tmp
C:\WINDOWS\SysWOW64\tmp2134.tmp
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

pedrolow
Visitor
Posts: 3
Registered: 22 Feb 2024 13:11

Re: Please check and fix errors

#5 Post by pedrolow »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.02.2024
Ran by unigl (24-02-2024 13:19:46) Run:1
Running from C:\Users\unigl\Desktop
Loaded Profiles: unigl
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)
C:\WINDOWS\SysWOW64\tmp6261.tmp
C:\WINDOWS\SysWOW64\tmp2144.tmp
C:\WINDOWS\SysWOW64\tmp2134.tmp
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1465500d-a209-4108-842c-089ebad64693}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2cbbfda8-4b0c-49ac-85a7-8818410a0893}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2fcca34f-ecc2-44b4-ad7e-3da6176209ba}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{415ff2d6-e7d8-412a-a347-9f908923de20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7dd9f761-c13c-4526-8281-99a1c0e60012}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1F00F8A-E352-412A-8CA2-E90FA7BB8589}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1F00F8A-E352-412A-8CA2-E90FA7BB8589}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
C:\WINDOWS\SysWOW64\tmp6261.tmp => moved successfully
C:\WINDOWS\SysWOW64\tmp2144.tmp => moved successfully
C:\WINDOWS\SysWOW64\tmp2134.tmp => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8} => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0} => moved successfully
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5EBCD5BC-C762-42ED-B215-34696687DEF9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDE85C07-4932-4521-AAA9-62C520344A95}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10547073 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 778 B
Windows/system/drivers => 8449611 B
Edge => 0 B
Chrome => 978052341 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1166 B
unigl => 1555431916 B

RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-02-2024 13:22:05)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:22:05 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check and fix errors

#6 Post by Rudy »

It has been deleted. If the errors you had (you did not say anything specific about them) have been fixed, that is all from my side.