Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Prosím o kontrolu logu

#1 Příspěvek od Mortiz696 »

Dnes jsem otevřel pochybný email neměl žádnou přílohu. Nainstaloval jsem ihned eset a ten ted opakovaně vyskakuje hláška zablokován útok ARP Cache Poisoing zařízení (192.168.1.10) nicméně když jsem šel do routeru zobrazuje se mi tato ip jako má televize a při skenu nalezl Čas;Skener;Typ objektu;Objekt;Detekce;Akce;Uživatel;Informace;Hash;První výskyt
27.03.2024 16:14:34;HTTP filtr;soubor;https://jootizud.net/pfe/current/tag.mi ... ed.Agent.L podezřelá aplikace;přerušeno spojení;ZALMAN-PC\petrs;Tato událost nastala při pokusu o přístup na web aplikací: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (A3C06B947549921D60D59917575DF5EE5DFC472A).;C3C68A1B3FEC1DE7F1DD9AD78CE9BA8CB6CA2286;


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by petrs (administrator) on ZALMAN-PC (Micro-Star International Co., Ltd. MS-7B93) (27-03-2024 15:44:18)
Running from C:\Users\petrs\Desktop\FRST64.exe
Loaded Profiles: petrs
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe <2>
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe [1951632 2023-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196016 2024-03-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [MicrosoftEdgeAutoLaunch_C8232F012CA43EDA63AF8D019F227CEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {399B43F5-1228-4711-AB4C-129BC36CDA2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {14EEFDE1-83F4-42B5-9F79-A98B61DC1A29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DD64EFEC-3053-48B3-B723-5750FCB60292} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17ef4122-613d-4c33-aeff-6851f77dacdc" --version "6.17.10746" --silent
Task: {B2F56437-8C34-467D-9118-010D0C3F63D2} - System32\Tasks\CCleanerSkipUAC - petrs => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F2A18D04-40CB-4948-A4E6-2C188D3D3A25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31008 2023-08-28] (Garmin International, Inc. -> )
Task: {9B1F60EF-5E7F-4CC9-B744-85F80873659D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {C8EFF6FD-9206-4C41-A73A-C28FF3F660DE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {63A08CFA-7515-407A-B831-D1D1EBB87F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BC130E2-FF6F-492F-BFF0-6270A7F06418} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0B79C08-79BB-46A8-9855-A88FFD95C568} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15636897-284F-4CD3-93DE-843B4536F239} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9530E009-2B61-4644-B69C-F754B8CC191C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170136 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {662472C2-6CCA-4CBB-91AB-2A0BEE3A412F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {648AC316-16F7-4EF3-A0B5-0E576869DC1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {B5DB29EA-E21F-476A-9A75-64EFAC04A25B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A3A1D2A0-F5B4-4098-AED7-D929EB2B0080} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03F4E411-B084-4494-B0A8-A3A41917110D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {91BA0E52-6B58-4C1A-8031-44ACE5CA6AD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F69E5F6-22E8-466A-AE63-B06ED5AAB17B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B8B94C-E059-4B26-BCE0-8C6A7ECFB245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04417C82-AEB0-49FB-9CA1-E9DD3839DDAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB336857-72A4-4BC7-855D-C26FF16E0F21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F92BCC29-8EA7-4146-8E85-EE15F428560F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D74176-E9A1-4792-9DF9-65DF22201D67} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {26998442-F9D7-4310-81AB-DA99388D4B84} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35a168d9-1984-429c-9a8a-e56395f3eb51}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de550de4-89a9-46b5-bdc1-069d2be646cf}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-27]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2024-03-10]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-03-27]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: gdl9l20v.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\gdl9l20v.default [2023-05-04]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release [2024-03-27]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2023-05-04]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18545408 2024-03-06] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [218432 2024-03-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121304 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2024-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [259752 2024-03-25] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57832 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84120 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [125952 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 15:44 - 2024-03-27 15:44 - 000023935 _____ C:\Users\petrs\Desktop\FRST.txt
2024-03-27 15:43 - 2024-03-27 15:44 - 000000000 ____D C:\FRST
2024-03-27 15:42 - 2024-03-27 15:43 - 002391552 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2024-03-27 15:09 - 2024-03-27 15:09 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-03-27 15:07 - 2024-03-27 15:07 - 000000000 ____D C:\Users\petrs\AppData\Local\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\Program Files\ESET
2024-03-27 11:01 - 2024-03-27 11:01 - 000000000 ___HD C:\OneDriveTemp
2024-03-25 19:28 - 2024-03-25 19:30 - 1455116713 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [1080p][Multiple Subtitle][9A1B5F9A].mkv
2024-03-25 19:28 - 2024-03-25 19:29 - 1443718225 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (1080p) [8E8A3480].mkv
2024-03-25 19:28 - 2024-03-25 19:28 - 000031910 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (720p) [732D5AD4].ass
2024-03-25 19:27 - 2024-03-25 19:27 - 000022908 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [720p][Multiple Subtitle][5BF36326].ass
2024-03-25 18:17 - 2024-03-25 18:17 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-25 18:17 - 2024-03-25 18:17 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-25 13:27 - 2024-03-25 13:27 - 000259752 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000218432 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000125952 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000121304 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000084120 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000057832 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2024-03-17 23:25 - 2024-03-17 23:29 - 1634514431 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 19 (1080p) [7F0307E9].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1543821013 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 22 (1080p) [841BED2C].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1537764566 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 20 (1080p) [AF8AE360].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1441065815 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 23 (1080p) [ECD81383].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1439089554 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 21 (1080p) [4EA64D0E].mkv
2024-03-17 23:25 - 2024-03-17 23:25 - 000041949 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 21 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038818 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 20 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038361 _____ C:\Users\petrs\Downloads\[Subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 22 [BRZK].ass
2024-03-17 23:24 - 2024-03-17 23:24 - 000043781 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 19 [BRZK].ass
2024-03-17 12:19 - 2024-03-17 12:21 - 1472280553 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [1080p][Multiple Subtitle][A9FB951C].mkv
2024-03-17 12:19 - 2024-03-17 12:21 - 1446510149 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (1080p) [5EB1F3AB].mkv
2024-03-17 12:19 - 2024-03-17 12:19 - 000032894 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [720p][Multiple Subtitle][C628981E].ass
2024-03-17 12:18 - 2024-03-17 12:18 - 000032480 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (720p) [9DC5A493].ass
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 10:15 - 2024-03-13 10:16 - 000000000 ___HD C:\$WinREAgent
2024-03-10 08:54 - 2024-03-10 08:56 - 1473031609 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [1080p][Multiple Subtitle][2948F80F].mkv
2024-03-10 08:54 - 2024-03-10 08:54 - 000034556 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [720p][Multiple Subtitle][1B63B228].ass
2024-03-09 14:36 - 2024-03-09 14:38 - 1446313464 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (1080p) [E2851279].mkv
2024-03-09 14:36 - 2024-03-09 14:36 - 000034901 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (720p) [1A67B818].ass
2024-03-07 13:02 - 2024-03-07 13:02 - 001059500 _____ C:\Users\petrs\Downloads\Faktura_objednávka ES01651_dobropis.pdf
2024-03-07 12:39 - 2024-03-07 12:42 - 000239316 _____ C:\Users\petrs\Downloads\Formulář pro odstoupení od kupní smlouvy.pdf
2024-03-07 09:30 - 2024-03-07 09:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-07 09:23 - 2024-03-07 09:23 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-03-03 10:09 - 2024-03-03 10:11 - 1473157029 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [1080p][Multiple Subtitle][58CC8C8A].mkv
2024-03-03 10:09 - 2024-03-03 10:09 - 000031871 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [720p][Multiple Subtitle][C7393F9D].ass
2024-03-02 17:32 - 2024-03-02 17:34 - 001221812 ____H C:\Users\petrs\Downloads\.52ea00a70119d22fae99c0401353f27ed9fcf95b.parts
2024-03-02 17:32 - 2024-03-02 17:32 - 000000000 ____D C:\Users\petrs\Downloads\Hello World and Another World (2019) [1080p]
2024-03-02 17:29 - 2024-03-02 17:30 - 1445409432 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (1080p) [8579C6AE].mkv
2024-03-02 17:29 - 2024-03-02 17:29 - 000086728 _____ C:\Users\petrs\Downloads\[EMBER _ AnimeKayo] Hello World - 01 [WOSUBS].ass
2024-03-02 17:28 - 2024-03-02 17:28 - 000034164 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (720p) [97AD02E8].ass

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 15:33 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-27 15:10 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2024-03-27 15:10 - 2023-04-14 19:25 - 000000000 ____D C:\ProgramData\Packages
2024-03-27 15:10 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-27 15:08 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 15:07 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2024-03-27 15:07 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-27 15:07 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-27 15:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-27 15:05 - 2023-10-21 19:18 - 000000000 ____D C:\Windows\Minidump
2024-03-27 15:05 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2024-03-27 15:04 - 2023-10-19 19:56 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 14:55 - 2023-04-22 08:54 - 000000000 ____D C:\Users\petrs\Documents\Sticky Passwords
2024-03-27 13:21 - 2023-04-22 08:29 - 000000000 ____D C:\Users\petrs\AppData\Local\LogiOptionsPlus
2024-03-27 12:26 - 2023-04-14 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-27 12:26 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-27 11:01 - 2023-04-14 20:08 - 000000000 ___RD C:\Users\petrs\OneDrive
2024-03-26 08:16 - 2023-04-27 20:05 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2024-03-26 08:15 - 2023-04-23 10:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-26 08:15 - 2023-04-22 09:31 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 08:15 - 2023-04-22 09:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-26 08:15 - 2023-04-14 20:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001
2024-03-25 22:16 - 2023-04-27 19:43 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2024-03-25 21:18 - 2023-04-14 19:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 21:18 - 2023-04-14 19:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 21:17 - 2023-04-22 09:35 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Word
2024-03-25 20:44 - 2023-10-25 15:13 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Excel
2024-03-25 18:17 - 2023-04-14 19:38 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-25 18:10 - 2023-04-14 19:25 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-03-25 18:10 - 2023-04-14 19:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-25 18:10 - 2023-04-14 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-25 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-21 12:45 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2024-03-20 20:24 - 2023-06-24 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-20 20:24 - 2023-06-24 19:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-20 20:24 - 2023-06-24 19:59 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-19 19:28 - 2023-07-10 20:28 - 000002227 _____ C:\Users\petrs\Desktop\Discord.lnk
2024-03-19 14:34 - 2023-04-22 09:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-18 01:09 - 2023-04-14 20:01 - 000000000 ____D C:\Users\petrs
2024-03-17 19:15 - 2023-06-24 20:15 - 000000000 ____D C:\Users\petrs\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:23 - 2024-02-16 15:23 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-17 11:23 - 2023-05-06 20:20 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-17 11:21 - 2023-04-14 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:21 - 2023-04-14 19:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-13 14:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 14:33 - 2023-04-14 19:23 - 000350632 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 14:32 - 2024-02-01 16:15 - 000000000 ____D C:\Windows\en-GB
2024-03-13 14:32 - 2023-10-11 20:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 14:32 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-13 14:32 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 11:22 - 2023-05-10 15:32 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 11:21 - 2023-04-22 11:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 10:20 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 10:18 - 2023-04-14 19:25 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 23:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 15:45:29)
Running from C:\Users\petrs\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2023-04-14 18:25:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2785552240-912787919-3056475977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2785552240-912787919-3056475977-503 - Limited - Disabled)
Guest (S-1-5-21-2785552240-912787919-3056475977-501 - Limited - Disabled)
petrs (S-1-5-21-2785552240-912787919-3056475977-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2785552240-912787919-3056475977-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{2D6E4C69-7E20-4EF0-938E-9C4887D6C8BB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{A154BCFF-4EEF-4136-AAD0-98FB2FC765B5}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{46FD9D9F-B21B-4A16-A0EE-29054278C714}) (Version: 17.1.9.0 - ESET, spol. s r.o.)
Fallout 4 v.1.10.163.0.1 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Garmin Express (HKLM-x32\...\{0029982a-8785-49de-8510-2f4cc7385907}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E4FDC1CC-D41D-4ABE-B0A9-D63A375BD45B}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6c1d0e1a-8811-4048-902c-f970d54b83f4}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.66.531337 - Logitech)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.5.2.2 - GOG.com)
Metro Exodus - Sam's Story (HKLM-x32\...\1414471894_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus - The Two Colonels (HKLM-x32\...\2063590233_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus (HKLM-x32\...\1407287452_is1) (Version: 3.0.7.24 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Northgard verze 3.2.8.34322 (HKLM\...\{6E63E6E3-B8E8-4D19-8FD2-E644C2CDBA37}_is1) (Version: 3.2.8.34322 - Threadt)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.8.4.1676 (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.4.1676 - Lamantine Software)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-17] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-03-27] (Sparse Package)
ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-03-13] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2402.801.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-27] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-04-22] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2785552240-912787919-3056475977-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\nvshext.dll [2023-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\petrs\Desktop\НастройкиFallout 4.lnk -> E:\Hry\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2024-03-27 15:06 - 2024-03-27 15:06 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\Control Panel\Desktop\\Wallpaper -> D:\Všechny rodinné fotky nemazat !!!\Stanovnice 2008 Léto\Stanovnice VII 08 029.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CB0B561-0592-4BDD-B619-C8E3E07EF0B2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{61BF0263-F05F-46B4-82EB-E034471D1499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9731812-D9FF-4110-916A-A7A3544E5CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F59F503-46C1-46D2-8CD3-21C1BFF0452E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{791FB0FB-49C8-4DD7-9262-3225200D8D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0026DF3C-A56E-4976-AB96-623922E24110}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D0C5721-3482-4F65-9865-040F76573A61}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07BFE2C2-E517-440D-8BDE-23B5C89599A2}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2A2E3C9-3903-4197-9DA0-0FAD0BF3207F}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7568F6F9-8484-41E4-9520-91264DE98029}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{7E3DBE9D-BAE8-4684-B64F-AED4E5DC4DAB}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{16823495-B5F8-4CC7-A7DA-745790937911}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{65EC1B8C-8BA9-4A74-8041-ED68689A1C08}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [TCP Query User{11F9593C-1625-4C08-B581-7088DC39C9AA}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{C3DF1A79-951C-4DC2-A8E2-B65F0082CB7C}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{8FAF17B1-78CC-4D89-8EBB-D9CFA076458B}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E199DE-CCEC-4588-80A6-B668E569F5FD}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9F9F1179-26C7-47F8-8144-E72ECF52E1C4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{5A9F8DF5-3C82-48DB-94E3-C5892CD675A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [TCP Query User{36FC7988-02DF-4B1A-8004-9E58126B1BF0}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1AE7DD89-F5AF-42F4-9261-2407562E1C4E}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B5FAA428-A6A5-457E-B7D3-91CD6A7421B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EA6C1E4-3D86-4C5F-8826-960E94001B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5A36F7-DB24-48EF-974E-786496C25D2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3708D0F-88E0-4A06-9A4E-C34B7AA77CC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C028B2F-6CA0-43FC-90A1-B077890DB941}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{14EB1F0D-D709-447F-AFEA-3DFB9DE8C7D8}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{39099541-348F-4A81-AB48-E6463C8595CB}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{170B4B36-F066-464E-A87B-77152AAD1D65}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BDB27A2-3FBF-4A89-B5A0-FB719085ED1F}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{576BF63F-5185-46B9-A64F-8ED0A8058634}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{37FF988B-AEAD-4FF7-AAA3-4F80109B6265}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{03C1901D-BC4E-4A29-BD3C-3B49F071F705}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{01913BD6-F5FD-473D-8472-00ED116DF64E}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E8DD902F-C4E2-4213-A417-F3FB61BF1E6C}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7D17A44-A388-4C87-94F0-BAA02D25495F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{6BF4BB4A-2728-458F-9511-BAE85BA9A629}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D466CB32-501C-4F87-BE9E-3398D44603C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4BDA6956-6C89-4C22-8350-407A1599E75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF4B2994-DE1F-4A50-981D-B5B5A32A95F1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D14BAB15-B22D-44B4-B783-7F3951C93A2A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C3FA3B-6D44-45D2-8AF9-53191D30FDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E0AF9CC-6371-40B2-B876-A998C8695B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFC12E27-E3AC-4443-8130-4825CDFA0B9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BEFFD99-5131-4B8B-A405-E679477FDCE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBAA3A03-4AF7-4DA0-9200-15CE44886608}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{133A1A31-1ADB-4008-B414-E8ACE8990D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755FD29A-3361-45E5-BF66-C0805414D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B372E5DD-3D78-49F0-A5BB-4567C6282AF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E0D6DD9-20B5-460F-9D52-1DE6382C9C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943667F-B38C-46D9-B807-9973C1B63E1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

20-03-2024 18:38:26 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:41 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003


System errors:
=============
Error: (03/26/2024 11:04:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/26/2024 11:04:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.

Error: (03/25/2024 06:26:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.

Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 5 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/25/2024 06:10:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 4 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-03-27 11:49:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {065A7352-698C-42A3-B0D6-0EB3AA01C6A8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-26 11:04:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05952EFA-7104-4861-9F9A-ED72BFCC57E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-19 14:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {967023EF-3810-4877-8EF7-3378CD26B578}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-18 09:22:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3B22F4A7-74BB-4F2D-B5A0-388E15E0B88D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-17 14:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8F131DA7-2EBB-4FDF-BE68-C8309F699900}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2024-03-27 15:10:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-03-27 15:09:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2024-03-27 15:09:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2024-02-18 16:15:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-12-04 18:08:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.I0 03/01/2023
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 16303.47 MB
Available physical RAM: 10054.13 MB
Total Virtual: 26543.47 MB
Available Virtual: 18137.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.79 GB) (Free:691.53 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1102.47 GB) (Model: HGST HUS722T2TALA604) NTFS
Drive e: (Místní disk E) (Fixed) (Total:465.65 GB) (Free:221.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS

\\?\Volume{e26e90c5-7abc-48fe-a1d0-cdb7280b4b78}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{aed9f27e-b2dc-40a4-a67e-a9c26c3a08fc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1F09C536)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Naposledy upravil(a) Mortiz696 dne 27 bře 2024 16:57, celkem upraveno 1 x.
Nahoru
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu logu

#2 Příspěvek od Mortiz696 »

Přikládám nový FRST po zásahu esetu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by petrs (administrator) on ZALMAN-PC (Micro-Star International Co., Ltd. MS-7B93) (27-03-2024 16:28:21)
Running from C:\Users\petrs\Desktop\FRST64.exe
Loaded Profiles: petrs
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\identity_helper.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\UI\UI_Main.exe
(Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\ZoneAlarmCrashHandler.exe
(Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\ZoneAlarmCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.050.0310.0001\Microsoft.SharePoint.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\AntiBot\epab_svc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AR\AR_Service.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AV\ZA_WSC.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AV\ZANG_AV.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\Firewall\ZANG_DAF.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\MgrSvc\ZANG_MgrSvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Windows\SysWOW64\Zonelabs\vsmon.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe [1951632 2023-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196016 2024-03-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ZANG] => C:\Program Files (x86)\CheckPoint\ZANG\UI\UI_Main.exe [817200 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [MicrosoftEdgeAutoLaunch_C8232F012CA43EDA63AF8D019F227CEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {399B43F5-1228-4711-AB4C-129BC36CDA2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {14EEFDE1-83F4-42B5-9F79-A98B61DC1A29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DD64EFEC-3053-48B3-B723-5750FCB60292} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17ef4122-613d-4c33-aeff-6851f77dacdc" --version "6.17.10746" --silent
Task: {B2F56437-8C34-467D-9118-010D0C3F63D2} - System32\Tasks\CCleanerSkipUAC - petrs => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F2A18D04-40CB-4948-A4E6-2C188D3D3A25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31008 2023-08-28] (Garmin International, Inc. -> )
Task: {9B1F60EF-5E7F-4CC9-B744-85F80873659D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {C8EFF6FD-9206-4C41-A73A-C28FF3F660DE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {71659383-6915-4B96-8DC5-524D169430FE} - System32\Tasks\CheckPointUpdateTaskMachineCore => C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
Task: {DC3099CB-0267-4D3E-9347-654AD332953E} - System32\Tasks\CheckPointUpdateTaskMachineUA => C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
Task: {63A08CFA-7515-407A-B831-D1D1EBB87F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BC130E2-FF6F-492F-BFF0-6270A7F06418} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0B79C08-79BB-46A8-9855-A88FFD95C568} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15636897-284F-4CD3-93DE-843B4536F239} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9530E009-2B61-4644-B69C-F754B8CC191C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170136 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {662472C2-6CCA-4CBB-91AB-2A0BEE3A412F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {648AC316-16F7-4EF3-A0B5-0E576869DC1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {B5DB29EA-E21F-476A-9A75-64EFAC04A25B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A3A1D2A0-F5B4-4098-AED7-D929EB2B0080} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03F4E411-B084-4494-B0A8-A3A41917110D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {91BA0E52-6B58-4C1A-8031-44ACE5CA6AD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F69E5F6-22E8-466A-AE63-B06ED5AAB17B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B8B94C-E059-4B26-BCE0-8C6A7ECFB245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04417C82-AEB0-49FB-9CA1-E9DD3839DDAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB336857-72A4-4BC7-855D-C26FF16E0F21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F92BCC29-8EA7-4146-8E85-EE15F428560F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D74176-E9A1-4792-9DF9-65DF22201D67} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {26998442-F9D7-4310-81AB-DA99388D4B84} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35a168d9-1984-429c-9a8a-e56395f3eb51}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de550de4-89a9-46b5-bdc1-069d2be646cf}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-27]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2024-03-10]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-03-27]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: gdl9l20v.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\gdl9l20v.default [2023-05-04]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release [2024-03-27]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2023-05-04]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/CheckPoint Update;version=3 -> C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\npZoneAlarmUpdate3.dll [2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
FF Plugin-x32: @tools.google.com/CheckPoint Update;version=9 -> C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\npZoneAlarmUpdate3.dll [2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AR_Service; C:\Program Files (x86)\CheckPoint\ZANG\AR\AR_Service.exe [23088 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [3567552 2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35128 2024-02-20] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35128 2024-02-20] (Check Point Software Technologies Ltd. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 EpabService; C:\Program Files (x86)\CheckPoint\Endpoint Security\AntiBot\epab_svc.exe [518592 2023-02-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18545408 2024-03-06] (Logitech Inc -> Logitech, Inc.)
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [141760 2023-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Windows\SysWOW64\Zonelabs\vsmon.exe [3506184 2023-09-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZANG_AV; C:\Program Files (x86)\CheckPoint\ZANG\AV\ZANG_AV.exe [25648 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZANG_DAF; C:\Program Files (x86)\CheckPoint\ZANG\Firewall\ZANG_DAF.exe [849968 2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZANG_MgrSvc; C:\Program Files (x86)\CheckPoint\ZANG\MgrSvc\ZANG_MgrSvc.exe [25136 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZA_WSC; C:\Program Files (x86)\CheckPoint\ZANG\AV\ZA_WSC.exe [828960 2024-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 zus; C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
S3 zusm; C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [78816 2022-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R2 cpdevmon; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cpdevmon64.sys [27104 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R0 cpdhnypt; C:\Windows\System32\DRIVERS\cpdhnypt.sys [27136 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R0 cpdiskflt; C:\Windows\System32\DRIVERS\cpdiskflt.sys [21968 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [167936 2023-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 cposfw; C:\Windows\System32\DRIVERS\cposfw.sys [118880 2024-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [218432 2024-03-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121304 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2024-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [259752 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57832 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 epelam; C:\Windows\System32\drivers\epelam.sys [18912 2022-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Check Point Software Technologies)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84120 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [125952 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 epklibproxy; C:\Windows\System32\drivers\epklibproxy.sys [29648 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [195544 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 IntelTDT; C:\Windows\System32\Drivers\IntelTDT.sys [93496 2024-02-20] (Check Point Software Technologies Ltd. -> Windows (R) Win 7 DDK provider)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [50128 2022-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 vsdatant; C:\Windows\system32\DRIVERS\vsdatant.sys [681072 2022-11-17] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 16:19 - 2024-03-27 16:19 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-27 16:19 - 2024-03-27 16:19 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-27 16:12 - 2024-03-27 16:12 - 000012288 _____ C:\Windows\system32\Drivers\vsparam.reg
2024-03-27 16:12 - 2024-03-27 16:12 - 000008192 _____ C:\Windows\system32\Drivers\vsflt.reg
2024-03-27 16:10 - 2024-03-27 16:27 - 000000000 ____D C:\Windows\Internet Logs
2024-03-27 16:10 - 2024-03-27 16:12 - 000012288 _____ C:\Windows\system32\Drivers\vsndis.reg
2024-03-27 16:10 - 2024-03-27 16:11 - 000000000 ____D C:\Windows\SysWOW64\Zonelabs
2024-03-27 16:10 - 2024-03-27 16:10 - 000001273 _____ C:\Users\Public\Desktop\ZoneAlarm.lnk
2024-03-27 16:10 - 2024-03-27 16:10 - 000000604 _____ C:\Windows\system32\Drivers\DisconnectedPolicy.xml
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cpdiskflt_01011.Wdf
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cpdhnypt_01011.Wdf
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
2024-03-27 16:10 - 2024-02-20 14:12 - 000093496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\IntelTDT.sys
2024-03-27 16:10 - 2023-02-02 18:23 - 000260968 _____ C:\Windows\system32\Drivers\vsconfig.xml
2024-03-27 16:09 - 2024-03-27 16:10 - 000000000 ____D C:\ProgramData\CheckPoint
2024-03-27 16:09 - 2024-03-27 16:10 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2024-03-27 16:09 - 2024-03-27 16:09 - 001133424 _____ (CheckPoint Software Technologies Ltd.) C:\Users\petrs\Downloads\ZoneAlarmNGSetup_ZANG_FW_FR_AR8ZNP.exe
2024-03-27 16:09 - 2024-03-27 16:09 - 000003462 _____ C:\Windows\system32\Tasks\CheckPointUpdateTaskMachineUA
2024-03-27 16:09 - 2024-03-27 16:09 - 000003338 _____ C:\Windows\system32\Tasks\CheckPointUpdateTaskMachineCore
2024-03-27 16:09 - 2024-03-27 16:09 - 000000000 ____D C:\Users\petrs\AppData\Local\CheckPoint
2024-03-27 15:45 - 2024-03-27 15:46 - 000044507 _____ C:\Users\petrs\Desktop\Addition.txt
2024-03-27 15:44 - 2024-03-27 16:28 - 000032795 _____ C:\Users\petrs\Desktop\FRST.txt
2024-03-27 15:43 - 2024-03-27 16:28 - 000000000 ____D C:\FRST
2024-03-27 15:42 - 2024-03-27 15:43 - 002391552 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2024-03-27 15:09 - 2024-03-27 15:09 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-03-27 15:07 - 2024-03-27 15:07 - 000000000 ____D C:\Users\petrs\AppData\Local\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\Program Files\ESET
2024-03-27 11:01 - 2024-03-27 11:01 - 000000000 ___HD C:\OneDriveTemp
2024-03-25 19:28 - 2024-03-25 19:30 - 1455116713 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [1080p][Multiple Subtitle][9A1B5F9A].mkv
2024-03-25 19:28 - 2024-03-25 19:29 - 1443718225 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (1080p) [8E8A3480].mkv
2024-03-25 19:28 - 2024-03-25 19:28 - 000031910 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (720p) [732D5AD4].ass
2024-03-25 19:27 - 2024-03-25 19:27 - 000022908 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [720p][Multiple Subtitle][5BF36326].ass
2024-03-25 13:27 - 2024-03-25 13:27 - 000259752 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000218432 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000125952 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000121304 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000084120 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000057832 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2024-03-17 23:25 - 2024-03-17 23:29 - 1634514431 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 19 (1080p) [7F0307E9].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1543821013 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 22 (1080p) [841BED2C].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1537764566 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 20 (1080p) [AF8AE360].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1441065815 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 23 (1080p) [ECD81383].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1439089554 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 21 (1080p) [4EA64D0E].mkv
2024-03-17 23:25 - 2024-03-17 23:25 - 000041949 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 21 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038818 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 20 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038361 _____ C:\Users\petrs\Downloads\[Subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 22 [BRZK].ass
2024-03-17 23:24 - 2024-03-17 23:24 - 000043781 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 19 [BRZK].ass
2024-03-17 12:19 - 2024-03-17 12:21 - 1472280553 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [1080p][Multiple Subtitle][A9FB951C].mkv
2024-03-17 12:19 - 2024-03-17 12:21 - 1446510149 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (1080p) [5EB1F3AB].mkv
2024-03-17 12:19 - 2024-03-17 12:19 - 000032894 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [720p][Multiple Subtitle][C628981E].ass
2024-03-17 12:18 - 2024-03-17 12:18 - 000032480 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (720p) [9DC5A493].ass
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 10:15 - 2024-03-13 10:16 - 000000000 ___HD C:\$WinREAgent
2024-03-10 08:54 - 2024-03-10 08:56 - 1473031609 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [1080p][Multiple Subtitle][2948F80F].mkv
2024-03-10 08:54 - 2024-03-10 08:54 - 000034556 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [720p][Multiple Subtitle][1B63B228].ass
2024-03-09 14:36 - 2024-03-09 14:38 - 1446313464 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (1080p) [E2851279].mkv
2024-03-09 14:36 - 2024-03-09 14:36 - 000034901 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (720p) [1A67B818].ass
2024-03-07 13:02 - 2024-03-07 13:02 - 001059500 _____ C:\Users\petrs\Downloads\Faktura_objednávka ES01651_dobropis.pdf
2024-03-07 12:39 - 2024-03-07 12:42 - 000239316 _____ C:\Users\petrs\Downloads\Formulář pro odstoupení od kupní smlouvy.pdf
2024-03-07 09:30 - 2024-03-07 09:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-07 09:23 - 2024-03-07 09:23 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-03-03 10:09 - 2024-03-03 10:11 - 1473157029 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [1080p][Multiple Subtitle][58CC8C8A].mkv
2024-03-03 10:09 - 2024-03-03 10:09 - 000031871 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [720p][Multiple Subtitle][C7393F9D].ass
2024-03-02 17:32 - 2024-03-02 17:34 - 001221812 ____H C:\Users\petrs\Downloads\.52ea00a70119d22fae99c0401353f27ed9fcf95b.parts
2024-03-02 17:32 - 2024-03-02 17:32 - 000000000 ____D C:\Users\petrs\Downloads\Hello World and Another World (2019) [1080p]
2024-03-02 17:29 - 2024-03-02 17:30 - 1445409432 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (1080p) [8579C6AE].mkv
2024-03-02 17:29 - 2024-03-02 17:29 - 000086728 _____ C:\Users\petrs\Downloads\[EMBER _ AnimeKayo] Hello World - 01 [WOSUBS].ass
2024-03-02 17:28 - 2024-03-02 17:28 - 000034164 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (720p) [97AD02E8].ass

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 16:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 16:19 - 2023-04-14 19:38 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-27 16:19 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-27 16:15 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2024-03-27 16:14 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-27 16:13 - 2023-04-22 08:54 - 000000000 ____D C:\Users\petrs\Documents\Sticky Passwords
2024-03-27 16:13 - 2023-04-22 08:33 - 000000000 ____D C:\Users\petrs\AppData\Local\VirtualStore
2024-03-27 16:13 - 2023-04-22 08:29 - 000000000 ____D C:\Users\petrs\AppData\Local\LogiOptionsPlus
2024-03-27 16:13 - 2023-04-14 20:08 - 000000000 ___RD C:\Users\petrs\OneDrive
2024-03-27 16:13 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2024-03-27 16:13 - 2023-04-14 20:01 - 000000000 ____D C:\Users\petrs
2024-03-27 16:13 - 2023-04-14 19:25 - 000000000 ____D C:\ProgramData\Packages
2024-03-27 16:13 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-27 16:13 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-27 16:13 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-27 16:12 - 2023-04-23 10:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-27 16:12 - 2023-04-14 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-27 16:12 - 2023-04-14 19:25 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-03-27 16:12 - 2023-04-14 19:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-27 16:12 - 2023-04-14 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-27 16:12 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-27 16:10 - 2023-04-22 08:29 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-27 15:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-27 15:05 - 2023-10-21 19:18 - 000000000 ____D C:\Windows\Minidump
2024-03-27 15:05 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2024-03-27 15:04 - 2023-10-19 19:56 - 000000000 ____D C:\Program Files\CCleaner
2024-03-26 08:16 - 2023-04-27 20:05 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2024-03-26 08:15 - 2023-04-22 09:31 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 08:15 - 2023-04-22 09:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-26 08:15 - 2023-04-14 20:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001
2024-03-25 22:16 - 2023-04-27 19:43 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2024-03-25 21:18 - 2023-04-14 19:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 21:18 - 2023-04-14 19:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 21:17 - 2023-04-22 09:35 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Word
2024-03-25 20:44 - 2023-10-25 15:13 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Excel
2024-03-21 12:45 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2024-03-20 20:24 - 2023-06-24 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-20 20:24 - 2023-06-24 19:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-20 20:24 - 2023-06-24 19:59 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-19 19:28 - 2023-07-10 20:28 - 000002227 _____ C:\Users\petrs\Desktop\Discord.lnk
2024-03-19 14:34 - 2023-04-22 09:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-17 19:15 - 2023-06-24 20:15 - 000000000 ____D C:\Users\petrs\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:23 - 2024-02-16 15:23 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-17 11:23 - 2023-05-06 20:20 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-17 11:21 - 2023-04-14 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:21 - 2023-04-14 19:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-13 14:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 14:33 - 2023-04-14 19:23 - 000350632 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 14:32 - 2024-02-01 16:15 - 000000000 ____D C:\Windows\en-GB
2024-03-13 14:32 - 2023-10-11 20:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 14:32 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-13 14:32 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 11:22 - 2023-05-10 15:32 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 11:21 - 2023-04-22 11:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 10:20 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 10:18 - 2023-04-14 19:25 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 23:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 16:29:44)
Running from C:\Users\petrs\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2023-04-14 18:25:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2785552240-912787919-3056475977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2785552240-912787919-3056475977-503 - Limited - Disabled)
Guest (S-1-5-21-2785552240-912787919-3056475977-501 - Limited - Disabled)
petrs (S-1-5-21-2785552240-912787919-3056475977-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2785552240-912787919-3056475977-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ZoneAlarm NextGen (Disabled - Up to date) {5E1A3CFB-A963-5D99-A23F-7BA03B432F37}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ZoneAlarm NextGen Firewall (Enabled) {319A450A-F6AA-7392-36CD-10C9B542E56D}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{2D6E4C69-7E20-4EF0-938E-9C4887D6C8BB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{A154BCFF-4EEF-4136-AAD0-98FB2FC765B5}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{46FD9D9F-B21B-4A16-A0EE-29054278C714}) (Version: 17.1.9.0 - ESET, spol. s r.o.)
Fallout 4 v.1.10.163.0.1 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Garmin Express (HKLM-x32\...\{0029982a-8785-49de-8510-2f4cc7385907}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E4FDC1CC-D41D-4ABE-B0A9-D63A375BD45B}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Check Point Early Launch Anti-Malware driver (HKLM-x32\...\{C08A1E50-6748-470E-8F9E-09CADEED73B1}) (Version: 8.68.63.1 - Check Point Software Technologies Ltd.) Hidden
Check Point SBA (HKLM\...\{2F60D5B1-CDEC-48A9-8D4B-4141C7DAAC23}) (Version: 86.72.603 - Check Point Software Technologies Ltd.) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6c1d0e1a-8811-4048-902c-f970d54b83f4}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.66.531337 - Logitech)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.5.2.2 - GOG.com)
Metro Exodus - Sam's Story (HKLM-x32\...\1414471894_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus - The Two Colonels (HKLM-x32\...\2063590233_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus (HKLM-x32\...\1407287452_is1) (Version: 3.0.7.24 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Northgard verze 3.2.8.34322 (HKLM\...\{6E63E6E3-B8E8-4D19-8FD2-E644C2CDBA37}_is1) (Version: 3.2.8.34322 - Threadt)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.8.4.1676 (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.4.1676 - Lamantine Software)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
ZoneAlarm Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Check Point Software Ltd.) Hidden

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-17] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-03-27] (Sparse Package)
ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-03-13] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2402.801.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-27] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-04-22] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2785552240-912787919-3056475977-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [ZANGShExt] -> {3c97ffb1-30b1-42f2-8d2d-f843f72bf986} => C:\Program Files (x86)\CheckPoint\ZANG\Common\ZANGShExt.dll [2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\nvshext.dll [2023-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [ZANGShExt] -> {3c97ffb1-30b1-42f2-8d2d-f843f72bf986} => C:\Program Files (x86)\CheckPoint\ZANG\Common\ZANGShExt.dll [2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\petrs\Desktop\НастройкиFallout 4.lnk -> E:\Hry\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2024-03-27 15:06 - 2024-03-27 15:06 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2023-01-29 14:46 - 2023-01-29 14:46 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\SQLite.Interop.dll
2024-02-20 17:52 - 2024-02-20 17:52 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\ZANG\Common\x86\SQLite.Interop.dll
2024-02-09 19:52 - 2024-02-09 19:52 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\ZANG\UI\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\Control Panel\Desktop\\Wallpaper -> D:\Všechny rodinné fotky nemazat !!!\Stanovnice 2008 Léto\Stanovnice VII 08 029.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CB0B561-0592-4BDD-B619-C8E3E07EF0B2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{61BF0263-F05F-46B4-82EB-E034471D1499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9731812-D9FF-4110-916A-A7A3544E5CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F59F503-46C1-46D2-8CD3-21C1BFF0452E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{791FB0FB-49C8-4DD7-9262-3225200D8D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0026DF3C-A56E-4976-AB96-623922E24110}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D0C5721-3482-4F65-9865-040F76573A61}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07BFE2C2-E517-440D-8BDE-23B5C89599A2}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2A2E3C9-3903-4197-9DA0-0FAD0BF3207F}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7568F6F9-8484-41E4-9520-91264DE98029}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{7E3DBE9D-BAE8-4684-B64F-AED4E5DC4DAB}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{16823495-B5F8-4CC7-A7DA-745790937911}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{65EC1B8C-8BA9-4A74-8041-ED68689A1C08}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [TCP Query User{11F9593C-1625-4C08-B581-7088DC39C9AA}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{C3DF1A79-951C-4DC2-A8E2-B65F0082CB7C}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{8FAF17B1-78CC-4D89-8EBB-D9CFA076458B}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E199DE-CCEC-4588-80A6-B668E569F5FD}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9F9F1179-26C7-47F8-8144-E72ECF52E1C4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{5A9F8DF5-3C82-48DB-94E3-C5892CD675A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [TCP Query User{36FC7988-02DF-4B1A-8004-9E58126B1BF0}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1AE7DD89-F5AF-42F4-9261-2407562E1C4E}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B5FAA428-A6A5-457E-B7D3-91CD6A7421B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EA6C1E4-3D86-4C5F-8826-960E94001B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5A36F7-DB24-48EF-974E-786496C25D2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3708D0F-88E0-4A06-9A4E-C34B7AA77CC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C028B2F-6CA0-43FC-90A1-B077890DB941}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{14EB1F0D-D709-447F-AFEA-3DFB9DE8C7D8}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{39099541-348F-4A81-AB48-E6463C8595CB}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{170B4B36-F066-464E-A87B-77152AAD1D65}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BDB27A2-3FBF-4A89-B5A0-FB719085ED1F}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{576BF63F-5185-46B9-A64F-8ED0A8058634}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{37FF988B-AEAD-4FF7-AAA3-4F80109B6265}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{03C1901D-BC4E-4A29-BD3C-3B49F071F705}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{01913BD6-F5FD-473D-8472-00ED116DF64E}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E8DD902F-C4E2-4213-A417-F3FB61BF1E6C}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7D17A44-A388-4C87-94F0-BAA02D25495F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{6BF4BB4A-2728-458F-9511-BAE85BA9A629}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D466CB32-501C-4F87-BE9E-3398D44603C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4BDA6956-6C89-4C22-8350-407A1599E75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF4B2994-DE1F-4A50-981D-B5B5A32A95F1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D14BAB15-B22D-44B4-B783-7F3951C93A2A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C3FA3B-6D44-45D2-8AF9-53191D30FDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E0AF9CC-6371-40B2-B876-A998C8695B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFC12E27-E3AC-4443-8130-4825CDFA0B9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BEFFD99-5131-4B8B-A405-E679477FDCE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBAA3A03-4AF7-4DA0-9200-15CE44886608}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{133A1A31-1ADB-4008-B414-E8ACE8990D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755FD29A-3361-45E5-BF66-C0805414D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B372E5DD-3D78-49F0-A5BB-4567C6282AF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E0D6DD9-20B5-460F-9D52-1DE6382C9C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943667F-B38C-46D9-B807-9973C1B63E1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

20-03-2024 18:38:26 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:41 Windows Update
27-03-2024 16:10:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/27/2024 04:12:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\ZALMAN-PC$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 15:12:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5f7c1d1b-1e40-488f-907f-d67a08d79e33

Metoda: GET(281ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/27/2024 04:12:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 15:12:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 61f7ed85-562c-4c13-841f-225405559aec

Metoda: GET(422ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003


System errors:
=============
Error: (03/27/2024 04:12:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (03/27/2024 04:12:57 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 04:12:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 5 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 04:12:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 04:12:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 4 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 04:12:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 04:12:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 04:12:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.


Windows Defender:
================
Date: 2024-03-27 11:49:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {065A7352-698C-42A3-B0D6-0EB3AA01C6A8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-26 11:04:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05952EFA-7104-4861-9F9A-ED72BFCC57E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-19 14:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {967023EF-3810-4877-8EF7-3378CD26B578}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-18 09:22:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3B22F4A7-74BB-4F2D-B5A0-388E15E0B88D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-17 14:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8F131DA7-2EBB-4FDF-BE68-C8309F699900}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2024-03-27 16:23:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-03-27 16:23:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.I0 03/01/2023
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 16303.47 MB
Available physical RAM: 9652.7 MB
Total Virtual: 17327.47 MB
Available Virtual: 8403.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.79 GB) (Free:697.62 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1102.47 GB) (Model: HGST HUS722T2TALA604) NTFS
Drive e: (Místní disk E) (Fixed) (Total:465.65 GB) (Free:221.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS

\\?\Volume{e26e90c5-7abc-48fe-a1d0-cdb7280b4b78}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{aed9f27e-b2dc-40a4-a67e-a9c26c3a08fc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1F09C536)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu logu

#4 Příspěvek od Mortiz696 »

Provedeno přikládám fixlog a nový FRST

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 17:05:39) Run:1
Running from C:\Users\petrs\Desktop
Loaded Profiles: petrs
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1835008 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9488018 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 790297103 B
Windows/system/drivers => 2676492 B
Edge => 0 B
Firefox => 16732855 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 308452 B
systemprofile32 => 308452 B
LocalService => 325480 B
NetworkService => 326646 B
petrs => 257207148 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:05:49 ====

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by petrs (administrator) on ZALMAN-PC (Micro-Star International Co., Ltd. MS-7B93) (27-03-2024 17:09:06)
Running from C:\Users\petrs\Desktop\FRST64.exe
Loaded Profiles: petrs
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\UI\UI_Main.exe
(Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\ZoneAlarmCrashHandler.exe
(Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\ZoneAlarmCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\AntiBot\epab_svc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AR\AR_Service.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AV\ZA_WSC.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\AV\ZANG_AV.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\Firewall\ZANG_DAF.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZANG\MgrSvc\ZANG_MgrSvc.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Windows\SysWOW64\Zonelabs\vsmon.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe [1951632 2023-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196016 2024-03-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [ZANG] => C:\Program Files (x86)\CheckPoint\ZANG\UI\UI_Main.exe [817200 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [MicrosoftEdgeAutoLaunch_C8232F012CA43EDA63AF8D019F227CEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {399B43F5-1228-4711-AB4C-129BC36CDA2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {14EEFDE1-83F4-42B5-9F79-A98B61DC1A29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DD64EFEC-3053-48B3-B723-5750FCB60292} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17ef4122-613d-4c33-aeff-6851f77dacdc" --version "6.17.10746" --silent
Task: {B2F56437-8C34-467D-9118-010D0C3F63D2} - System32\Tasks\CCleanerSkipUAC - petrs => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F2A18D04-40CB-4948-A4E6-2C188D3D3A25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31008 2023-08-28] (Garmin International, Inc. -> )
Task: {9B1F60EF-5E7F-4CC9-B744-85F80873659D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {C8EFF6FD-9206-4C41-A73A-C28FF3F660DE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {71659383-6915-4B96-8DC5-524D169430FE} - System32\Tasks\CheckPointUpdateTaskMachineCore => C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
Task: {DC3099CB-0267-4D3E-9347-654AD332953E} - System32\Tasks\CheckPointUpdateTaskMachineUA => C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
Task: {63A08CFA-7515-407A-B831-D1D1EBB87F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BC130E2-FF6F-492F-BFF0-6270A7F06418} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0B79C08-79BB-46A8-9855-A88FFD95C568} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15636897-284F-4CD3-93DE-843B4536F239} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9530E009-2B61-4644-B69C-F754B8CC191C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170136 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {662472C2-6CCA-4CBB-91AB-2A0BEE3A412F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {648AC316-16F7-4EF3-A0B5-0E576869DC1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {B5DB29EA-E21F-476A-9A75-64EFAC04A25B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A3A1D2A0-F5B4-4098-AED7-D929EB2B0080} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03F4E411-B084-4494-B0A8-A3A41917110D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {91BA0E52-6B58-4C1A-8031-44ACE5CA6AD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F69E5F6-22E8-466A-AE63-B06ED5AAB17B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B8B94C-E059-4B26-BCE0-8C6A7ECFB245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04417C82-AEB0-49FB-9CA1-E9DD3839DDAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB336857-72A4-4BC7-855D-C26FF16E0F21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F92BCC29-8EA7-4146-8E85-EE15F428560F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D74176-E9A1-4792-9DF9-65DF22201D67} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {26998442-F9D7-4310-81AB-DA99388D4B84} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35a168d9-1984-429c-9a8a-e56395f3eb51}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de550de4-89a9-46b5-bdc1-069d2be646cf}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-27]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2024-03-10]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-03-27]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF DefaultProfile: gdl9l20v.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\gdl9l20v.default [2024-03-27]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release [2024-03-27]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2023-05-04]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/CheckPoint Update;version=3 -> C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\npZoneAlarmUpdate3.dll [2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
FF Plugin-x32: @tools.google.com/CheckPoint Update;version=9 -> C:\Program Files (x86)\CheckPoint\Update\1.3.99.0\npZoneAlarmUpdate3.dll [2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AR_Service; C:\Program Files (x86)\CheckPoint\ZANG\AR\AR_Service.exe [23088 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [3567552 2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35128 2024-02-20] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35128 2024-02-20] (Check Point Software Technologies Ltd. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 EpabService; C:\Program Files (x86)\CheckPoint\Endpoint Security\AntiBot\epab_svc.exe [518592 2023-02-05] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18545408 2024-03-06] (Logitech Inc -> Logitech, Inc.)
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [141760 2023-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 vsmon; C:\Windows\SysWOW64\Zonelabs\vsmon.exe [3506184 2023-09-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZANG_AV; C:\Program Files (x86)\CheckPoint\ZANG\AV\ZANG_AV.exe [25648 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZANG_DAF; C:\Program Files (x86)\CheckPoint\ZANG\Firewall\ZANG_DAF.exe [849968 2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZANG_MgrSvc; C:\Program Files (x86)\CheckPoint\ZANG\MgrSvc\ZANG_MgrSvc.exe [25136 2024-02-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZA_WSC; C:\Program Files (x86)\CheckPoint\ZANG\AV\ZA_WSC.exe [828960 2024-02-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S2 zus; C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
S3 zusm; C:\Program Files (x86)\CheckPoint\Update\ZoneAlarmUpdate.exe [169056 2024-03-27] (Check Point Software Technologies Ltd. -> CheckPoint Software Technologies Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [78816 2022-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R2 cpdevmon; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\cpdevmon64.sys [27104 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R0 cpdhnypt; C:\Windows\System32\DRIVERS\cpdhnypt.sys [27136 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R0 cpdiskflt; C:\Windows\System32\DRIVERS\cpdiskflt.sys [21968 2023-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [167936 2023-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 cposfw; C:\Windows\System32\DRIVERS\cposfw.sys [118880 2024-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [218432 2024-03-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121304 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2024-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [259752 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57832 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 epelam; C:\Windows\System32\drivers\epelam.sys [18912 2022-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Check Point Software Technologies)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84120 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [125952 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 epklibproxy; C:\Windows\System32\drivers\epklibproxy.sys [29648 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [195544 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 IntelTDT; C:\Windows\System32\Drivers\IntelTDT.sys [93496 2024-02-20] (Check Point Software Technologies Ltd. -> Windows (R) Win 7 DDK provider)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [50128 2022-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 vsdatant; C:\Windows\system32\DRIVERS\vsdatant.sys [681072 2022-11-17] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 17:05 - 2024-03-27 17:05 - 000002851 _____ C:\Users\petrs\Desktop\Fixlog.txt
2024-03-27 16:53 - 2024-03-27 16:53 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-27 16:53 - 2024-03-27 16:53 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-27 16:12 - 2024-03-27 17:06 - 000012288 _____ C:\Windows\system32\Drivers\vsparam.reg
2024-03-27 16:12 - 2024-03-27 17:06 - 000008192 _____ C:\Windows\system32\Drivers\vsflt.reg
2024-03-27 16:10 - 2024-03-27 17:06 - 000012288 _____ C:\Windows\system32\Drivers\vsndis.reg
2024-03-27 16:10 - 2024-03-27 17:03 - 000000000 ____D C:\Windows\Internet Logs
2024-03-27 16:10 - 2024-03-27 16:11 - 000000000 ____D C:\Windows\SysWOW64\Zonelabs
2024-03-27 16:10 - 2024-03-27 16:10 - 000001273 _____ C:\Users\Public\Desktop\ZoneAlarm.lnk
2024-03-27 16:10 - 2024-03-27 16:10 - 000000604 _____ C:\Windows\system32\Drivers\DisconnectedPolicy.xml
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cpdiskflt_01011.Wdf
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_cpdhnypt_01011.Wdf
2024-03-27 16:10 - 2024-03-27 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
2024-03-27 16:10 - 2024-02-20 14:12 - 000093496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\IntelTDT.sys
2024-03-27 16:10 - 2023-02-02 18:23 - 000260968 _____ C:\Windows\system32\Drivers\vsconfig.xml
2024-03-27 16:09 - 2024-03-27 16:10 - 000000000 ____D C:\ProgramData\CheckPoint
2024-03-27 16:09 - 2024-03-27 16:10 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2024-03-27 16:09 - 2024-03-27 16:09 - 001133424 _____ (CheckPoint Software Technologies Ltd.) C:\Users\petrs\Downloads\ZoneAlarmNGSetup_ZANG_FW_FR_AR8ZNP.exe
2024-03-27 16:09 - 2024-03-27 16:09 - 000003462 _____ C:\Windows\system32\Tasks\CheckPointUpdateTaskMachineUA
2024-03-27 16:09 - 2024-03-27 16:09 - 000003338 _____ C:\Windows\system32\Tasks\CheckPointUpdateTaskMachineCore
2024-03-27 16:09 - 2024-03-27 16:09 - 000000000 ____D C:\Users\petrs\AppData\Local\CheckPoint
2024-03-27 15:45 - 2024-03-27 16:30 - 000047340 _____ C:\Users\petrs\Desktop\Addition.txt
2024-03-27 15:44 - 2024-03-27 17:09 - 000031368 _____ C:\Users\petrs\Desktop\FRST.txt
2024-03-27 15:43 - 2024-03-27 17:09 - 000000000 ____D C:\FRST
2024-03-27 15:42 - 2024-03-27 15:43 - 002391552 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2024-03-27 15:09 - 2024-03-27 15:09 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-03-27 15:07 - 2024-03-27 15:07 - 000000000 ____D C:\Users\petrs\AppData\Local\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\Program Files\ESET
2024-03-27 11:01 - 2024-03-27 11:01 - 000000000 ___HD C:\OneDriveTemp
2024-03-25 19:28 - 2024-03-25 19:30 - 1455116713 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [1080p][Multiple Subtitle][9A1B5F9A].mkv
2024-03-25 19:28 - 2024-03-25 19:29 - 1443718225 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (1080p) [8E8A3480].mkv
2024-03-25 19:28 - 2024-03-25 19:28 - 000031910 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (720p) [732D5AD4].ass
2024-03-25 19:27 - 2024-03-25 19:27 - 000022908 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [720p][Multiple Subtitle][5BF36326].ass
2024-03-25 13:27 - 2024-03-25 13:27 - 000259752 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000218432 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000125952 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000121304 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000084120 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000057832 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2024-03-17 23:25 - 2024-03-17 23:29 - 1634514431 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 19 (1080p) [7F0307E9].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1543821013 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 22 (1080p) [841BED2C].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1537764566 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 20 (1080p) [AF8AE360].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1441065815 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 23 (1080p) [ECD81383].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1439089554 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 21 (1080p) [4EA64D0E].mkv
2024-03-17 23:25 - 2024-03-17 23:25 - 000041949 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 21 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038818 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 20 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038361 _____ C:\Users\petrs\Downloads\[Subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 22 [BRZK].ass
2024-03-17 23:24 - 2024-03-17 23:24 - 000043781 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 19 [BRZK].ass
2024-03-17 12:19 - 2024-03-17 12:21 - 1472280553 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [1080p][Multiple Subtitle][A9FB951C].mkv
2024-03-17 12:19 - 2024-03-17 12:21 - 1446510149 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (1080p) [5EB1F3AB].mkv
2024-03-17 12:19 - 2024-03-17 12:19 - 000032894 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [720p][Multiple Subtitle][C628981E].ass
2024-03-17 12:18 - 2024-03-17 12:18 - 000032480 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (720p) [9DC5A493].ass
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 10:15 - 2024-03-13 10:16 - 000000000 ___HD C:\$WinREAgent
2024-03-10 08:54 - 2024-03-10 08:56 - 1473031609 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [1080p][Multiple Subtitle][2948F80F].mkv
2024-03-10 08:54 - 2024-03-10 08:54 - 000034556 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [720p][Multiple Subtitle][1B63B228].ass
2024-03-09 14:36 - 2024-03-09 14:38 - 1446313464 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (1080p) [E2851279].mkv
2024-03-09 14:36 - 2024-03-09 14:36 - 000034901 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (720p) [1A67B818].ass
2024-03-07 13:02 - 2024-03-07 13:02 - 001059500 _____ C:\Users\petrs\Downloads\Faktura_objednávka ES01651_dobropis.pdf
2024-03-07 12:39 - 2024-03-07 12:42 - 000239316 _____ C:\Users\petrs\Downloads\Formulář pro odstoupení od kupní smlouvy.pdf
2024-03-07 09:30 - 2024-03-07 09:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-07 09:23 - 2024-03-07 09:23 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-03-03 10:09 - 2024-03-03 10:11 - 1473157029 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [1080p][Multiple Subtitle][58CC8C8A].mkv
2024-03-03 10:09 - 2024-03-03 10:09 - 000031871 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [720p][Multiple Subtitle][C7393F9D].ass
2024-03-02 17:32 - 2024-03-02 17:34 - 001221812 ____H C:\Users\petrs\Downloads\.52ea00a70119d22fae99c0401353f27ed9fcf95b.parts
2024-03-02 17:32 - 2024-03-02 17:32 - 000000000 ____D C:\Users\petrs\Downloads\Hello World and Another World (2019) [1080p]
2024-03-02 17:29 - 2024-03-02 17:30 - 1445409432 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (1080p) [8579C6AE].mkv
2024-03-02 17:29 - 2024-03-02 17:29 - 000086728 _____ C:\Users\petrs\Downloads\[EMBER _ AnimeKayo] Hello World - 01 [WOSUBS].ass
2024-03-02 17:28 - 2024-03-02 17:28 - 000034164 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (720p) [97AD02E8].ass

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-27 17:07 - 2023-04-22 08:29 - 000000000 ____D C:\Users\petrs\AppData\Local\LogiOptionsPlus
2024-03-27 17:07 - 2023-04-14 20:08 - 000000000 ___RD C:\Users\petrs\OneDrive
2024-03-27 17:07 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2024-03-27 17:07 - 2023-04-14 19:25 - 000000000 ____D C:\ProgramData\Packages
2024-03-27 17:07 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-27 17:07 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-27 17:06 - 2023-04-14 20:01 - 000000000 ____D C:\Users\petrs
2024-03-27 17:06 - 2023-04-14 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-27 17:06 - 2023-04-14 19:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-27 17:06 - 2023-04-14 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-27 17:06 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-27 17:06 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 17:06 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-27 16:53 - 2023-04-14 19:38 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-27 16:53 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-27 16:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-27 16:15 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2024-03-27 16:14 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-27 16:13 - 2023-04-22 08:54 - 000000000 ____D C:\Users\petrs\Documents\Sticky Passwords
2024-03-27 16:13 - 2023-04-22 08:33 - 000000000 ____D C:\Users\petrs\AppData\Local\VirtualStore
2024-03-27 16:12 - 2023-04-23 10:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-27 16:12 - 2023-04-14 19:25 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-03-27 16:10 - 2023-04-22 08:29 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-27 15:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-27 15:05 - 2023-10-21 19:18 - 000000000 ____D C:\Windows\Minidump
2024-03-27 15:05 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2024-03-27 15:04 - 2023-10-19 19:56 - 000000000 ____D C:\Program Files\CCleaner
2024-03-26 08:16 - 2023-04-27 20:05 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2024-03-26 08:15 - 2023-04-22 09:31 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 08:15 - 2023-04-22 09:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-26 08:15 - 2023-04-14 20:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001
2024-03-25 22:16 - 2023-04-27 19:43 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2024-03-25 21:18 - 2023-04-14 19:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 21:18 - 2023-04-14 19:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 21:17 - 2023-04-22 09:35 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Word
2024-03-25 20:44 - 2023-10-25 15:13 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Excel
2024-03-21 12:45 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2024-03-20 20:24 - 2023-06-24 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-20 20:24 - 2023-06-24 19:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-20 20:24 - 2023-06-24 19:59 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-19 19:28 - 2023-07-10 20:28 - 000002227 _____ C:\Users\petrs\Desktop\Discord.lnk
2024-03-19 14:34 - 2023-04-22 09:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-17 19:15 - 2023-06-24 20:15 - 000000000 ____D C:\Users\petrs\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:23 - 2024-02-16 15:23 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-17 11:23 - 2023-05-06 20:20 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-17 11:21 - 2023-04-14 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:21 - 2023-04-14 19:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-13 14:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 14:33 - 2023-04-14 19:23 - 000350632 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 14:32 - 2024-02-01 16:15 - 000000000 ____D C:\Windows\en-GB
2024-03-13 14:32 - 2023-10-11 20:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 14:32 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 11:22 - 2023-05-10 15:32 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 11:21 - 2023-04-22 11:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 10:20 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 10:18 - 2023-04-14 19:25 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 23:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 17:10:31)
Running from C:\Users\petrs\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2023-04-14 18:25:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2785552240-912787919-3056475977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2785552240-912787919-3056475977-503 - Limited - Disabled)
Guest (S-1-5-21-2785552240-912787919-3056475977-501 - Limited - Disabled)
petrs (S-1-5-21-2785552240-912787919-3056475977-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2785552240-912787919-3056475977-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ZoneAlarm NextGen (Disabled - Up to date) {5E1A3CFB-A963-5D99-A23F-7BA03B432F37}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ZoneAlarm NextGen Firewall (Enabled) {319A450A-F6AA-7392-36CD-10C9B542E56D}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{2D6E4C69-7E20-4EF0-938E-9C4887D6C8BB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{A154BCFF-4EEF-4136-AAD0-98FB2FC765B5}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{46FD9D9F-B21B-4A16-A0EE-29054278C714}) (Version: 17.1.9.0 - ESET, spol. s r.o.)
Fallout 4 v.1.10.163.0.1 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Garmin Express (HKLM-x32\...\{0029982a-8785-49de-8510-2f4cc7385907}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E4FDC1CC-D41D-4ABE-B0A9-D63A375BD45B}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Check Point Early Launch Anti-Malware driver (HKLM-x32\...\{C08A1E50-6748-470E-8F9E-09CADEED73B1}) (Version: 8.68.63.1 - Check Point Software Technologies Ltd.) Hidden
Check Point SBA (HKLM\...\{2F60D5B1-CDEC-48A9-8D4B-4141C7DAAC23}) (Version: 86.72.603 - Check Point Software Technologies Ltd.) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6c1d0e1a-8811-4048-902c-f970d54b83f4}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.66.531337 - Logitech)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.5.2.2 - GOG.com)
Metro Exodus - Sam's Story (HKLM-x32\...\1414471894_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus - The Two Colonels (HKLM-x32\...\2063590233_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus (HKLM-x32\...\1407287452_is1) (Version: 3.0.7.24 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Northgard verze 3.2.8.34322 (HKLM\...\{6E63E6E3-B8E8-4D19-8FD2-E644C2CDBA37}_is1) (Version: 3.2.8.34322 - Threadt)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.8.4.1676 (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.4.1676 - Lamantine Software)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
ZoneAlarm Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Check Point Software Ltd.) Hidden

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-17] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-03-27] (Sparse Package)
ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-03-13] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2402.801.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-27] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-04-22] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2785552240-912787919-3056475977-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [ZANGShExt] -> {3c97ffb1-30b1-42f2-8d2d-f843f72bf986} => C:\Program Files (x86)\CheckPoint\ZANG\Common\ZANGShExt.dll [2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\nvshext.dll [2023-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [ZANGShExt] -> {3c97ffb1-30b1-42f2-8d2d-f843f72bf986} => C:\Program Files (x86)\CheckPoint\ZANG\Common\ZANGShExt.dll [2024-02-20] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\petrs\Desktop\НастройкиFallout 4.lnk -> E:\Hry\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2024-03-27 15:06 - 2024-03-27 15:06 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-01-29 14:46 - 2023-01-29 14:46 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\SQLite.Interop.dll
2024-02-20 17:52 - 2024-02-20 17:52 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\ZANG\Common\x86\SQLite.Interop.dll
2024-02-09 19:52 - 2024-02-09 19:52 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\ZANG\UI\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\Control Panel\Desktop\\Wallpaper -> D:\Všechny rodinné fotky nemazat !!!\Stanovnice 2008 Léto\Stanovnice VII 08 029.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CB0B561-0592-4BDD-B619-C8E3E07EF0B2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{61BF0263-F05F-46B4-82EB-E034471D1499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9731812-D9FF-4110-916A-A7A3544E5CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F59F503-46C1-46D2-8CD3-21C1BFF0452E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{791FB0FB-49C8-4DD7-9262-3225200D8D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0026DF3C-A56E-4976-AB96-623922E24110}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D0C5721-3482-4F65-9865-040F76573A61}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07BFE2C2-E517-440D-8BDE-23B5C89599A2}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2A2E3C9-3903-4197-9DA0-0FAD0BF3207F}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7568F6F9-8484-41E4-9520-91264DE98029}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{7E3DBE9D-BAE8-4684-B64F-AED4E5DC4DAB}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{16823495-B5F8-4CC7-A7DA-745790937911}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{65EC1B8C-8BA9-4A74-8041-ED68689A1C08}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [TCP Query User{11F9593C-1625-4C08-B581-7088DC39C9AA}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{C3DF1A79-951C-4DC2-A8E2-B65F0082CB7C}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{8FAF17B1-78CC-4D89-8EBB-D9CFA076458B}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E199DE-CCEC-4588-80A6-B668E569F5FD}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9F9F1179-26C7-47F8-8144-E72ECF52E1C4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{5A9F8DF5-3C82-48DB-94E3-C5892CD675A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [TCP Query User{36FC7988-02DF-4B1A-8004-9E58126B1BF0}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1AE7DD89-F5AF-42F4-9261-2407562E1C4E}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B5FAA428-A6A5-457E-B7D3-91CD6A7421B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EA6C1E4-3D86-4C5F-8826-960E94001B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5A36F7-DB24-48EF-974E-786496C25D2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3708D0F-88E0-4A06-9A4E-C34B7AA77CC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C028B2F-6CA0-43FC-90A1-B077890DB941}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{14EB1F0D-D709-447F-AFEA-3DFB9DE8C7D8}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{39099541-348F-4A81-AB48-E6463C8595CB}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{170B4B36-F066-464E-A87B-77152AAD1D65}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BDB27A2-3FBF-4A89-B5A0-FB719085ED1F}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{576BF63F-5185-46B9-A64F-8ED0A8058634}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{37FF988B-AEAD-4FF7-AAA3-4F80109B6265}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{03C1901D-BC4E-4A29-BD3C-3B49F071F705}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{01913BD6-F5FD-473D-8472-00ED116DF64E}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E8DD902F-C4E2-4213-A417-F3FB61BF1E6C}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7D17A44-A388-4C87-94F0-BAA02D25495F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{6BF4BB4A-2728-458F-9511-BAE85BA9A629}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D466CB32-501C-4F87-BE9E-3398D44603C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4BDA6956-6C89-4C22-8350-407A1599E75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF4B2994-DE1F-4A50-981D-B5B5A32A95F1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D14BAB15-B22D-44B4-B783-7F3951C93A2A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C3FA3B-6D44-45D2-8AF9-53191D30FDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E0AF9CC-6371-40B2-B876-A998C8695B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFC12E27-E3AC-4443-8130-4825CDFA0B9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BEFFD99-5131-4B8B-A405-E679477FDCE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBAA3A03-4AF7-4DA0-9200-15CE44886608}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{133A1A31-1ADB-4008-B414-E8ACE8990D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755FD29A-3361-45E5-BF66-C0805414D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B372E5DD-3D78-49F0-A5BB-4567C6282AF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E0D6DD9-20B5-460F-9D52-1DE6382C9C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943667F-B38C-46D9-B807-9973C1B63E1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

20-03-2024 18:38:26 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:41 Windows Update
27-03-2024 16:10:20 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/27/2024 05:07:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\ZALMAN-PC$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(21719ms)
Fáze: GetCACaps
Operace nebyla v požadované době dokončena. 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Error: (03/27/2024 05:06:48 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 16:06:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d6ef3789-5400-4151-ade9-e72477714465

Metoda: GET(344ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/27/2024 04:46:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\ZALMAN-PC$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 15:46:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0aec89c6-8d97-4b44-a7c1-706af2995e92

Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/27/2024 04:46:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 15:46:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e7c297b0-15fc-4f2b-9337-2ec3482053ec

Metoda: GET(375ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/27/2024 04:44:46 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (03/27/2024 04:44:46 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (03/27/2024 04:44:46 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (03/27/2024 04:12:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\ZALMAN-PC$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 27 Mar 2024 15:12:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5f7c1d1b-1e40-488f-907f-d67a08d79e33

Metoda: GET(281ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (03/27/2024 05:06:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (03/27/2024 05:06:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 05:06:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 5 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 05:06:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 05:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 4 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 05:06:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.

Error: (03/27/2024 05:06:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/27/2024 05:06:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.


Windows Defender:
================
Date: 2024-03-27 11:49:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {065A7352-698C-42A3-B0D6-0EB3AA01C6A8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-26 11:04:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05952EFA-7104-4861-9F9A-ED72BFCC57E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-19 14:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {967023EF-3810-4877-8EF7-3378CD26B578}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-18 09:22:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3B22F4A7-74BB-4F2D-B5A0-388E15E0B88D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-17 14:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8F131DA7-2EBB-4FDF-BE68-C8309F699900}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2024-03-27 17:10:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.I0 03/01/2023
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 41%
Total physical RAM: 16303.47 MB
Available physical RAM: 9591.56 MB
Total Virtual: 17327.47 MB
Available Virtual: 8409.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.79 GB) (Free:697.89 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1102.47 GB) (Model: HGST HUS722T2TALA604) NTFS
Drive e: (Místní disk E) (Fixed) (Total:465.65 GB) (Free:221.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS

\\?\Volume{e26e90c5-7abc-48fe-a1d0-cdb7280b4b78}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{aed9f27e-b2dc-40a4-a67e-a9c26c3a08fc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1F09C536)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#5 Příspěvek od Rudy »

Potřebuji vidět obsaah souboru fixlog.txt. Je na ploše. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu logu

#6 Příspěvek od Mortiz696 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 17:05:39) Run:1
Running from C:\Users\petrs\Desktop
Loaded Profiles: petrs
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1835008 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9488018 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 790297103 B
Windows/system/drivers => 2676492 B
Edge => 0 B
Firefox => 16732855 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 308452 B
systemprofile32 => 308452 B
LocalService => 325480 B
NetworkService => 326646 B
petrs => 257207148 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:05:49 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#7 Příspěvek od Rudy »

Vše smazáno, log by již měl být OK. Jak to vypadá nyní?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Prosím o kontrolu logu

#8 Příspěvek od Mortiz696 »

V pořádku můžete lock děkuji
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#9 Příspěvek od Rudy »

OK a nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“