Zdravím borci.
Z ničeho nic se mi strašně zpomalil NTB , asi se mi tady něco dostalo zase.. Když mi pomůžete budu rád díky a zasílám logy
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.06.2024
Ran by milan (administrator) on LAPTOP-5DQCHNGG (Acer Aspire A315-58) (04-06-2024 08:24:42)
Running from C:\Users\milan\Downloads\FRST64.exe
Loaded Profiles: milan
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\ui_net6\fsmainui.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe <12>
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.18.255.1\extnhost\mc-extn-browserhost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEMN.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38b23bd92a6775fe\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <2>
(services.exe ->) (WithSecure Oyj -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe <2>
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe <2>
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\milan\AppData\Local\Microsoft\OneDrive\24.103.0521.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\milan\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259872 2021-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\Run: [MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.114\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F06FC732-66DF-4A74-9B71-A761D23993F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {460B4C83-BF11-4192-80FD-25F72D1FDFA8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {87BBA08E-4C16-4F5A-9CFC-FDE400299AFA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {ED62D5A4-C53E-4A19-8C52-83D38A63F360} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-10-13] (Acer Incorporated -> )
Task: {4C524DC0-94B2-48AC-809A-97D46780184C} - System32\Tasks\App Explorer => C:\Users\milan\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7574560 2023-03-29] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {143DF8E1-2620-41F2-950D-8AC6E6578403} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666_Reg_HKCURun_S-1-5-21-1522692154-720549613-4100842380-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Microsoft\Edge\Application\--no-startup-window --win-session-start
Task: {5890D53F-75D3-4A58-90E1-705F0C54B8F6} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\TOTAL\x64\fs_hotfix_64.exe [510856 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EFCDAA27-506A-41E3-B3C3-85BE8DA1D2A5} - System32\Tasks\iGoAudioTask => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {00BE2514-B022-4CCD-B861-04645BF7D690} - System32\Tasks\iGoAudioTaskSession => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {E6FF01FD-D2B7-46CC-951A-CB0F4EE8917A} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\wps\SubscriptionJob\mc-oem-subjob.exe [2169512 2024-05-20] (McAfee, LLC -> McAfee, LLC)
Task: {321E56E0-D9F0-41FC-9E9B-80C3AF0B935A} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {5E7350B0-39EC-4C74-90B3-113942171C5F} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D3CF9E06-6ED5-432B-9923-921AFE4BE242} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.18.255.1\sustainability\mc-sustainability.exe [950824 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {2528C8BC-5360-45A1-B7BE-8296FE682031} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.18.255.1\dad\mc-dad.exe [2654448 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {432AC888-5F17-41D6-865A-E4904EC3CCCC} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {14DB256D-5667-4B82-95B0-EC07EFE9F383} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {B121FC72-D2FF-4740-91B0-F0583F527997} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {A424B035-4CAA-4405-B3B7-E5C5BBDE7244} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {FEDAD849-E7AE-4449-8062-39370BDA16C2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {20CC69E6-3C01-437D-BE57-B33CCEC6CC56} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {D42A8B46-F100-4A31-A5A9-36BB92435749} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {9A4D0FEA-0D25-444E-A706-BF91B6D82966} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\wps\1.18.255.1\mc-wns-client\mc-wns-client.exe [923696 2024-05-21] (McAfee, LLC -> )
Task: {165723CE-CD0A-4CA4-9204-A854A61A02CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {86BB7BB2-0E69-44F6-B529-A6EF87203701} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {84F94102-6283-45A1-8517-CDF4EAD187B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {098E9272-DD23-47F2-8EE8-B68C67D346AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {08E553E8-9162-4123-B4B9-8164F0C9F354} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D94A5025-35E5-4C62-A548-313B9EF0459A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C22429D-EC10-4089-BB0C-D203A9309A88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4FF6915-E6F6-4DD4-9716-8D717BA28150} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {208B172B-D273-42F7-BAFD-52DDBD5F686C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73633390-BA10-40B7-B83E-CCE7AFC8D365} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {9CE5D1E6-DE80-404F-9182-30ABDFDF7054} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )
Task: {DDA8D141-FF13-4008-B39F-C4825FED4A40} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\milan\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )
Task: {052705E9-286A-4007-844F-10B2036FCE05} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {011E43A6-20B3-4EEF-B5F4-0C26D8A1AAD8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {2572C9E2-16C1-49E9-9F79-89D4350CF6E0} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {E2DC6192-AFC2-4EE4-9167-1B1C522DD67B} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {1E1F952D-E6E3-4D80-BFE6-84AB3A0D943B} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{0ff5396e-f223-4b34-9c84-b1f01871c2e9}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Edge:
=======
Edge Profile: C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default [2024-06-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnifwebhoster; C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe [414600 2024-05-17] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe [109432 2024-05-21] (WithSecure Oyj -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsvpnsvc; C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe [2220936 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 IgoAudioService; C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe [36512 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe [531008 2022-01-26] (Intel Corporation -> Intel)
R2 mc-fw-host; C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe [2711192 2024-05-21] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [879456 2024-05-17] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulgk.sys [482480 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2024-05-26] (Microsoft Windows -> Microsoft Corporation)
S0 fselms; C:\Windows\System32\drivers\fselms.sys [17400 2023-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> WithSecure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\nif2\1710924332\nif2s64.sys [186048 2024-05-20] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R3 fsvpnwintun; C:\Windows\System32\drivers\fsvpnwintun.sys [31256 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_2cc98897d8dddf62\IntcUSB.sys [882280 2022-01-26] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S0 mfeelam; C:\Windows\System32\DRIVERS\mfeelam.sys [19536 2024-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\Windows\System32\DRIVERS\mfesec.sys [85304 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R3 MpKslcba1ff90; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{927CC8FF-F3EF-4219-A54F-DF9B82152D35}\MpKslDrv.sys [271648 2024-06-03] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2024-05-26] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 08:24 - 2024-06-04 08:25 - 000027405 _____ C:\Users\milan\Downloads\FRST.txt
2024-06-04 08:24 - 2024-06-04 08:24 - 000000000 ____D C:\FRST
2024-06-04 08:23 - 2024-06-04 08:24 - 002395136 _____ (Farbar) C:\Users\milan\Downloads\FRST64.exe
2024-06-04 08:23 - 2024-06-04 08:23 - 002093056 _____ (Farbar) C:\Users\milan\Downloads\FRST.exe
2024-06-03 14:07 - 2024-06-03 14:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-03 10:55 - 2024-06-03 10:55 - 000065514 _____ C:\Users\milan\Downloads\Marek-Pšenica.pdf
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ C:\Users\milan\AppData\Local\recently-used.xbel
2024-06-01 21:01 - 2024-06-01 21:01 - 000000000 ____D C:\Users\milan\AppData\Local\OneDrive
2024-06-01 19:24 - 2024-06-01 20:11 - 000000000 ____D C:\Users\milan\AppData\Local\gtk-2.0
2024-06-01 18:59 - 2024-06-01 18:59 - 000000000 ____D C:\Users\milan\AppData\Local\fontconfig
2024-06-01 18:58 - 2024-06-01 21:02 - 000000000 ____D C:\Users\milan\AppData\Local\babl-0.1
2024-06-01 18:58 - 2024-06-01 18:58 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000938 _____ C:\Users\Public\Desktop\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Roaming\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\gegl-0.4
2024-06-01 18:56 - 2024-06-01 18:58 - 000000000 ____D C:\Program Files\GIMP 2
2024-05-31 12:51 - 2024-05-31 12:51 - 000727012 _____ C:\Windows\system32\perfh005.dat
2024-05-31 12:51 - 2024-05-31 12:51 - 000151244 _____ C:\Windows\system32\perfc005.dat
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Office
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Excel
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\AddIns
2024-05-30 07:48 - 2024-05-30 07:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-27 09:41 - 2024-05-27 09:41 - 000000000 ____D C:\Users\milan\AppData\Local\Backup
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\InboxApps
2024-05-26 23:05 - 2024-05-26 23:05 - 000060462 _____ C:\Windows\SysWOW64\ctac.json
2024-05-26 23:05 - 2024-05-26 23:05 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000060462 _____ C:\Windows\system32\ctac.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-05-24 09:17 - 2024-05-24 09:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-05-24 09:16 - 2024-05-24 09:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-05-22 08:10 - 2024-05-22 08:10 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader
2024-05-21 22:29 - 2024-05-21 22:29 - 000000000 ____D C:\Windows\system32\Tasks\CareCenter
2024-05-20 17:45 - 2024-05-20 17:45 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Network
2024-05-17 10:33 - 2024-05-17 10:33 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-06-04 08:22 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-04 07:55 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Local\Host App Service
2024-06-04 07:52 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-06-03 23:16 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\Packages
2024-06-03 23:16 - 2023-12-13 01:47 - 000000000 ____D C:\ProgramData\Packages
2024-06-03 23:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-03 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-06-03 14:06 - 2023-07-31 10:33 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-03 13:38 - 2023-12-25 15:53 - 000003362 _____ C:\Windows\system32\Tasks\McAfee OEM Subscription job
2024-06-03 10:13 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\D3DSCache
2024-06-03 07:49 - 2024-02-11 13:38 - 000000000 ____D C:\Users\milan\AppData\Local\CrashDumps
2024-06-03 07:32 - 2023-12-14 20:19 - 000000000 __SHD C:\Users\milan\IntelGraphicsProfiles
2024-05-31 21:07 - 2023-07-31 10:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-31 12:51 - 2023-07-31 10:13 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-05-31 12:51 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-05-31 12:50 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-05-30 23:06 - 2023-12-14 20:26 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 23:06 - 2023-12-14 20:26 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-30 07:32 - 2023-12-14 20:21 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000002381 _____ C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-29 15:11 - 2023-07-31 10:12 - 000003310 _____ C:\Windows\system32\Tasks\iGoAudioTask
2024-05-29 15:11 - 2023-07-31 10:02 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-29 15:11 - 2023-07-31 10:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-29 15:11 - 2023-07-31 10:02 - 000000000 ___HD C:\Intel
2024-05-29 15:11 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-05-29 15:02 - 2023-07-31 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-05-29 14:48 - 2023-12-14 20:21 - 000000000 ____D C:\Users\milan\AppData\Local\PlaceholderTileLogoFolder
2024-05-29 14:31 - 2023-07-31 11:02 - 000000000 ____D C:\Windows\Panther
2024-05-29 11:26 - 2023-12-25 16:18 - 000002257 _____ C:\Users\Public\Desktop\F-Secure.lnk
2024-05-29 01:56 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-05-27 07:36 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-27 00:34 - 2023-12-14 20:20 - 000002350 _____ C:\Users\milan\Desktop\Microsoft Edge.lnk
2024-05-27 00:34 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Spelling
2024-05-27 00:32 - 2023-07-31 10:02 - 000474816 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\SysWOW64\cs
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\system32\cs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\DiagTrack
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\appcompat
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-27 00:31 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-05-26 23:20 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-05-26 23:18 - 2022-05-07 08:10 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-05-26 23:18 - 2022-05-07 08:10 - 000023775 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-05-26 23:18 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-05-26 23:05 - 2023-07-31 10:04 - 003214336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-05-26 22:33 - 2023-07-31 10:02 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-26 22:33 - 2023-07-31 10:02 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-22 23:06 - 2023-12-25 16:17 - 000000000 ____D C:\Program Files\dotnet
2024-05-22 23:06 - 2023-07-31 10:32 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-21 23:11 - 2023-12-25 15:52 - 000085304 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfesec.sys
2024-05-21 23:11 - 2023-12-25 15:52 - 000019536 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeelam.sys
2024-05-21 23:11 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sysprep
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\OCR
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\IME
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-21 11:28 - 2024-01-21 14:31 - 000000000 ____D C:\Windows\system32\MRT
2024-05-21 11:27 - 2024-01-21 14:30 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-21 09:08 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-05-20 17:56 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-20 17:55 - 2023-12-25 16:18 - 000000000 ____D C:\Windows\system32\Tasks\F-Secure
2024-05-20 17:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-05-20 15:01 - 2023-12-14 20:25 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-20 15:01 - 2023-07-31 10:35 - 000000000 ____D C:\ProgramData\McAfee
2024-05-17 10:39 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== Files in the root of some directories ========
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ () C:\Users\milan\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.06.2024
Ran by milan (04-06-2024 08:26:29)
Running from C:\Users\milan\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-12-12 23:46:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1522692154-720549613-4100842380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1522692154-720549613-4100842380-503 - Limited - Disabled)
Guest (S-1-5-21-1522692154-720549613-4100842380-501 - Limited - Disabled)
milan (S-1-5-21-1522692154-720549613-4100842380-1001 - Administrator - Enabled) => C:\Users\milan
WDAGUtilityAccount (S-1-5-21-1522692154-720549613-4100842380-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: F-Secure (Disabled - Up to date) {DA5F8466-F00B-8E6B-6CB8-5AE55C9EBDCD}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Disabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
FW: McAfee (Disabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Configuration Manager (HKLM-x32\...\{83EE3016-BFF3-4249-9DB8-2FC92D6DE9E6}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
App Explorer (HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\Host App Service) (Version: 0.273.4.677 - SweetLabs) <==== ATTENTION
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3054 - Acer Incorporated)
ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)
F-Secure (HKLM\...\{EB5A2E16-9F92-4CE0-85B2-0085FEF08034}) (Version: 19.4 - F-Secure Corporation)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.114 - Google LLC)
McAfee (HKLM\...\McAfee.wps) (Version: 1.18.255.1 - McAfee, LLC)
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\OneDriveSetup.exe) (Version: 24.103.0521.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3052 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9172.1 - Realtek Semiconductor Corp.)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3018 - Acer Incorporated)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.898 - McAfee, LLC)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-12-28] (Acer Incorporated)
Acer Purified Voice Console -> C:\Program Files\WindowsApps\IntelligoTechnologyInc.AcerPurifiedVoiceConsole_1.0.34.0_x64__zzw691tb7va64 [2024-05-21] (Intelligo Technology Inc.)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP) [Startup Task]
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3054.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.24.0_x64__xbfy0k16fey96 [2024-05-28] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.89.2.0_x64__q4d96b2w5wcc2 [2024-05-29] (Evernote) [Startup Task]
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.112.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP)
McAfee -> C:\Program Files\McAfee\wps\1.18.255.1 [2024-05-21] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-06-03] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-12-14] (Microsoft Corp.)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-12-28] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-05-29] (Microsoft Corporation)
Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2404.1.0_x64__8wekyb3d8bbwe [2024-05-21] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-31] (Microsoft Windows) [Startup Task]
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3052.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj [2023-12-14] (Realtek Semiconductor Corp)
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.137.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.121.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3018.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-27] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1522692154-720549613-4100842380-1001_Classes\CLSID\{446889A0-340F-4CC6-84B2-77A832AE2176}\localserver32 -> C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DE573B2F-63B8-4CB1-93D4-786F88161C20}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE4F8E50-78AA-48E4-8E31-A1995065B594}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{232DD7C5-AE2F-4664-A237-3E676C216627}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24102.2309.2851.4917_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{150042BD-4CA3-44DC-BF19-A40634A9FA06}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{41DA2652-E44B-447C-9AB7-62DDC61F25B3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28C9B8C6-2EB3-493F-915D-19F0AB0A3F7D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F79CB33E-9EE3-493E-9ECA-089D9E72943F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.67 GB) (Free:427.34 GB) (90%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/03/2024 07:49:10 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: ebe1ae43-4d6b-4f57-8d2d-41a5fb103053
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (06/03/2024 07:49:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 38aa5e36-9b42-40ea-80e0-b7a83da7390d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 09:13:16 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x197c
Čas spuštění chybující aplikace: 0x0x1dab31ae041d60a
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: f9a442c0-698b-4c2a-aa9f-5ab552996472
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/31/2024 09:07:22 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {F7902A1C-B1DF-47FB-B541-8D0CF0024693}
Error: (05/31/2024 07:45:54 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 02e6a856-8e71-49e6-8bfe-c9197576c64d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 07:45:52 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 526eb515-4448-4e61-9668-ca22bcb69839
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/30/2024 09:04:35 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x1764
Čas spuštění chybující aplikace: 0x0x1dab282b61f54c6
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: de73459f-eacb-4e83-a16a-19ea28cc77f9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/30/2024 07:48:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x3c2c
Čas spuštění chybující aplikace: 0x0x1dab2529a1941ab
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 15c2a0c5-8589-4248-b0a4-235dcf2999f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (06/04/2024 08:20:56 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 08:20:56 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 08:20:53 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 08:20:53 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Error: (06/04/2024 08:18:47 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 08:18:47 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 08:18:44 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 08:18:44 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Windows Defender:
================
Date: 2024-06-03 10:04:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E5BA2FA3-D9F4-4549-BB01-E166B166C751}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-02 15:37:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE202899-3A4B-4B35-995C-4EB2FB07E780}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-01 12:19:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6389282D-6FBE-49EC-BBBE-BD5250118A7B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-05-31 08:05:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A331A816-B38E-4A24-A4A8-48D9DC754FCF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-05-28 07:04:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F86FDFC3-26AB-42DF-8CB8-6AD206DAD4B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-05-20 17:48:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3578.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
CodeIntegrity:
===============
Date: 2024-06-04 08:23:57
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2024-06-04 08:23:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\wps\1.18.255.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.34 04/21/2023
Motherboard: TGL Camellia_TL
Processor: 11th Gen Intel(R) Core(TM) i3-1115G4 @ 3.00GHz
Percentage of memory in use: 76%
Total physical RAM: 7971.3 MB
Available physical RAM: 1856.71 MB
Total Virtual: 9699.3 MB
Available Virtual: 2120.66 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:427.34 GB) (Model: NVMe KINGSTON OM8SEP4512Q-AA) NTFS
\\?\Volume{f7a5a8c9-aea1-491b-87cb-1365caa5168a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.43 GB) NTFS
\\?\Volume{f4bdbb46-65ba-47c3-a643-cc356c83e3b0}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Velké zpomalení NoteBooku. Děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Ve dnech 5.9. - 7.9.2025 budou někteří z nás na každoročním srazu teamu našeho fóra. V této době se může stát, že budete o něco déle čekat na naší odezvu. Děkujeme a omlouváme se.
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Ve dnech 5.9. - 7.9.2025 budou někteří z nás na každoročním srazu teamu našeho fóra. V této době se může stát, že budete o něco déle čekat na naší odezvu. Děkujeme a omlouváme se.
-
Rudy
- Site Admin
- Příspěvky: 119487
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velké zpomalení NoteBooku. Děkuji
Zdravím!
Nejprve spusťte tuto utilitu:
Nejprve spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velké zpomalení NoteBooku. Děkuji
Log zde
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-04-2024
# Duration: 00:00:01
# OS: Windows 11 (Build 22631.3593)
# Cleaned: 11
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Needs Reboot C:\Users\milan\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\milan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Booking.com.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C524DC0-94B2-48AC-809A-97D46780184C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Users\milan\AppData\Local\Host App Service
*************************
AdwCleaner[S00].txt - [5106 octets] - [04/06/2024 10:11:32]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-04-2024
# Duration: 00:00:01
# OS: Windows 11 (Build 22631.3593)
# Cleaned: 11
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Needs Reboot C:\Users\milan\AppData\Local\Host App Service
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\milan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Booking.com.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C524DC0-94B2-48AC-809A-97D46780184C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Users\milan\AppData\Local\Host App Service
*************************
AdwCleaner[S00].txt - [5106 octets] - [04/06/2024 10:11:32]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119487
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velké zpomalení NoteBooku. Děkuji
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velké zpomalení NoteBooku. Děkuji
ok nové logy zasílám.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.06.2024
Ran by milan (administrator) on LAPTOP-5DQCHNGG (Acer Aspire A315-58) (04-06-2024 13:18:22)
Running from C:\Users\milan\Desktop\FRST64.exe
Loaded Profiles: milan
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe <12>
(DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEMN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38b23bd92a6775fe\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <2>
(services.exe ->) (WithSecure Oyj -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe <2>
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe <2>
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\milan\AppData\Local\Microsoft\OneDrive\24.103.0521.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259872 2021-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\Run: [MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.114\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F06FC732-66DF-4A74-9B71-A761D23993F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {460B4C83-BF11-4192-80FD-25F72D1FDFA8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {87BBA08E-4C16-4F5A-9CFC-FDE400299AFA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {ED62D5A4-C53E-4A19-8C52-83D38A63F360} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-10-13] (Acer Incorporated -> )
Task: {143DF8E1-2620-41F2-950D-8AC6E6578403} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666_Reg_HKCURun_S-1-5-21-1522692154-720549613-4100842380-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Microsoft\Edge\Application\--no-startup-window --win-session-start
Task: {5890D53F-75D3-4A58-90E1-705F0C54B8F6} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\TOTAL\x64\fs_hotfix_64.exe [510856 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EFCDAA27-506A-41E3-B3C3-85BE8DA1D2A5} - System32\Tasks\iGoAudioTask => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {00BE2514-B022-4CCD-B861-04645BF7D690} - System32\Tasks\iGoAudioTaskSession => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {E6FF01FD-D2B7-46CC-951A-CB0F4EE8917A} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\wps\SubscriptionJob\mc-oem-subjob.exe [2169512 2024-05-20] (McAfee, LLC -> McAfee, LLC)
Task: {321E56E0-D9F0-41FC-9E9B-80C3AF0B935A} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {5E7350B0-39EC-4C74-90B3-113942171C5F} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D3CF9E06-6ED5-432B-9923-921AFE4BE242} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.18.255.1\sustainability\mc-sustainability.exe [950824 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {2528C8BC-5360-45A1-B7BE-8296FE682031} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.18.255.1\dad\mc-dad.exe [2654448 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {432AC888-5F17-41D6-865A-E4904EC3CCCC} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {14DB256D-5667-4B82-95B0-EC07EFE9F383} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {B121FC72-D2FF-4740-91B0-F0583F527997} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {A424B035-4CAA-4405-B3B7-E5C5BBDE7244} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {FEDAD849-E7AE-4449-8062-39370BDA16C2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {20CC69E6-3C01-437D-BE57-B33CCEC6CC56} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {D42A8B46-F100-4A31-A5A9-36BB92435749} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {9A4D0FEA-0D25-444E-A706-BF91B6D82966} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\wps\1.18.255.1\mc-wns-client\mc-wns-client.exe [923696 2024-05-21] (McAfee, LLC -> )
Task: {165723CE-CD0A-4CA4-9204-A854A61A02CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {86BB7BB2-0E69-44F6-B529-A6EF87203701} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {84F94102-6283-45A1-8517-CDF4EAD187B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {098E9272-DD23-47F2-8EE8-B68C67D346AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {08E553E8-9162-4123-B4B9-8164F0C9F354} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D94A5025-35E5-4C62-A548-313B9EF0459A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C22429D-EC10-4089-BB0C-D203A9309A88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4FF6915-E6F6-4DD4-9716-8D717BA28150} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {208B172B-D273-42F7-BAFD-52DDBD5F686C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73633390-BA10-40B7-B83E-CCE7AFC8D365} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {9CE5D1E6-DE80-404F-9182-30ABDFDF7054} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )
Task: {DDA8D141-FF13-4008-B39F-C4825FED4A40} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\milan\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )
Task: {052705E9-286A-4007-844F-10B2036FCE05} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {011E43A6-20B3-4EEF-B5F4-0C26D8A1AAD8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {2572C9E2-16C1-49E9-9F79-89D4350CF6E0} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {E2DC6192-AFC2-4EE4-9167-1B1C522DD67B} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {1E1F952D-E6E3-4D80-BFE6-84AB3A0D943B} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{0ff5396e-f223-4b34-9c84-b1f01871c2e9}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Edge:
=======
Edge Profile: C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default [2024-06-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnifwebhoster; C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe [414600 2024-05-17] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe [109432 2024-05-21] (WithSecure Oyj -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsvpnsvc; C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe [2220936 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 IgoAudioService; C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe [36512 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe [531008 2022-01-26] (Intel Corporation -> Intel)
R2 mc-fw-host; C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe [2711192 2024-05-21] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [879456 2024-05-17] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulgk.sys [482480 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2024-05-26] (Microsoft Windows -> Microsoft Corporation)
S0 fselms; C:\Windows\System32\drivers\fselms.sys [17400 2023-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> WithSecure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\nif2\1710924332\nif2s64.sys [186048 2024-05-20] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R3 fsvpnwintun; C:\Windows\System32\drivers\fsvpnwintun.sys [31256 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_2cc98897d8dddf62\IntcUSB.sys [882280 2022-01-26] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S0 mfeelam; C:\Windows\System32\DRIVERS\mfeelam.sys [19536 2024-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\Windows\System32\DRIVERS\mfesec.sys [85304 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R3 MpKslbbd9fe76; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1CA11CDC-A096-4EC9-91DE-DFAE92C21A2F}\MpKslDrv.sys [271648 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2024-05-26] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 13:18 - 2024-06-04 13:18 - 000026082 _____ C:\Users\milan\Desktop\FRST.txt
2024-06-04 10:17 - 2024-06-04 10:17 - 000727012 _____ C:\Windows\system32\perfh005.dat
2024-06-04 10:17 - 2024-06-04 10:17 - 000151244 _____ C:\Windows\system32\perfc005.dat
2024-06-04 10:11 - 2024-06-04 10:12 - 000000000 ____D C:\AdwCleaner
2024-06-04 10:09 - 2024-06-04 10:09 - 008790880 _____ (Malwarebytes) C:\Users\milan\Desktop\adwcleaner.exe
2024-06-04 08:24 - 2024-06-04 13:18 - 000000000 ____D C:\FRST
2024-06-04 08:23 - 2024-06-04 08:24 - 002395136 _____ (Farbar) C:\Users\milan\Desktop\FRST64.exe
2024-06-04 08:23 - 2024-06-04 08:23 - 002093056 _____ (Farbar) C:\Users\milan\Downloads\FRST.exe
2024-06-03 14:07 - 2024-06-03 14:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-03 10:55 - 2024-06-03 10:55 - 000065514 _____ C:\Users\milan\Downloads\Marek-Pšenica.pdf
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ C:\Users\milan\AppData\Local\recently-used.xbel
2024-06-01 21:01 - 2024-06-01 21:01 - 000000000 ____D C:\Users\milan\AppData\Local\OneDrive
2024-06-01 19:24 - 2024-06-01 20:11 - 000000000 ____D C:\Users\milan\AppData\Local\gtk-2.0
2024-06-01 18:59 - 2024-06-01 18:59 - 000000000 ____D C:\Users\milan\AppData\Local\fontconfig
2024-06-01 18:58 - 2024-06-01 21:02 - 000000000 ____D C:\Users\milan\AppData\Local\babl-0.1
2024-06-01 18:58 - 2024-06-01 18:58 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000938 _____ C:\Users\Public\Desktop\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Roaming\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\gegl-0.4
2024-06-01 18:56 - 2024-06-01 18:58 - 000000000 ____D C:\Program Files\GIMP 2
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Office
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Excel
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\AddIns
2024-05-30 07:48 - 2024-05-30 07:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-27 09:41 - 2024-05-27 09:41 - 000000000 ____D C:\Users\milan\AppData\Local\Backup
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\InboxApps
2024-05-26 23:05 - 2024-05-26 23:05 - 000060462 _____ C:\Windows\SysWOW64\ctac.json
2024-05-26 23:05 - 2024-05-26 23:05 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000060462 _____ C:\Windows\system32\ctac.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-05-24 09:17 - 2024-05-24 09:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-05-24 09:16 - 2024-05-24 09:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-05-22 08:10 - 2024-05-22 08:10 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader
2024-05-21 22:29 - 2024-05-21 22:29 - 000000000 ____D C:\Windows\system32\Tasks\CareCenter
2024-05-20 17:45 - 2024-05-20 17:45 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Network
2024-05-17 10:33 - 2024-05-17 10:33 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 13:16 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-06-04 13:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-04 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-06-04 13:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-06-04 13:15 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-04 10:17 - 2023-07-31 10:13 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-06-04 10:17 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-06-04 10:15 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\D3DSCache
2024-06-04 10:12 - 2023-12-14 20:19 - 000000000 __SHD C:\Users\milan\IntelGraphicsProfiles
2024-06-04 10:12 - 2023-07-31 10:12 - 000003310 _____ C:\Windows\system32\Tasks\iGoAudioTask
2024-06-04 10:12 - 2023-07-31 10:02 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-04 10:12 - 2023-07-31 10:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-06-04 10:12 - 2023-07-31 10:02 - 000000000 ___HD C:\Intel
2024-06-04 10:12 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-06-04 10:12 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-06-04 07:55 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Local\Host App Service
2024-06-03 23:16 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\Packages
2024-06-03 23:16 - 2023-12-13 01:47 - 000000000 ____D C:\ProgramData\Packages
2024-06-03 14:06 - 2023-07-31 10:33 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-03 13:38 - 2023-12-25 15:53 - 000003362 _____ C:\Windows\system32\Tasks\McAfee OEM Subscription job
2024-06-03 07:49 - 2024-02-11 13:38 - 000000000 ____D C:\Users\milan\AppData\Local\CrashDumps
2024-05-31 21:07 - 2023-07-31 10:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-30 23:06 - 2023-12-14 20:26 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 23:06 - 2023-12-14 20:26 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-30 07:32 - 2023-12-14 20:21 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000002381 _____ C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-29 15:02 - 2023-07-31 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-05-29 14:48 - 2023-12-14 20:21 - 000000000 ____D C:\Users\milan\AppData\Local\PlaceholderTileLogoFolder
2024-05-29 14:31 - 2023-07-31 11:02 - 000000000 ____D C:\Windows\Panther
2024-05-29 11:26 - 2023-12-25 16:18 - 000002257 _____ C:\Users\Public\Desktop\F-Secure.lnk
2024-05-29 01:56 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-05-27 07:36 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-27 00:34 - 2023-12-14 20:20 - 000002350 _____ C:\Users\milan\Desktop\Microsoft Edge.lnk
2024-05-27 00:34 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Spelling
2024-05-27 00:32 - 2023-07-31 10:02 - 000474816 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\SysWOW64\cs
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\system32\cs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\DiagTrack
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\appcompat
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-27 00:31 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-05-26 23:20 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-05-26 23:18 - 2022-05-07 08:10 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-05-26 23:18 - 2022-05-07 08:10 - 000023775 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-05-26 23:18 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-05-26 23:05 - 2023-07-31 10:04 - 003214336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-05-26 22:33 - 2023-07-31 10:02 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-26 22:33 - 2023-07-31 10:02 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-22 23:06 - 2023-12-25 16:17 - 000000000 ____D C:\Program Files\dotnet
2024-05-22 23:06 - 2023-07-31 10:32 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-21 23:11 - 2023-12-25 15:52 - 000085304 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfesec.sys
2024-05-21 23:11 - 2023-12-25 15:52 - 000019536 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeelam.sys
2024-05-21 23:11 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sysprep
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\OCR
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\IME
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-21 11:28 - 2024-01-21 14:31 - 000000000 ____D C:\Windows\system32\MRT
2024-05-21 11:27 - 2024-01-21 14:30 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-21 09:08 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-05-20 17:56 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-20 17:55 - 2023-12-25 16:18 - 000000000 ____D C:\Windows\system32\Tasks\F-Secure
2024-05-20 17:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-05-20 15:01 - 2023-12-14 20:25 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-20 15:01 - 2023-07-31 10:35 - 000000000 ____D C:\ProgramData\McAfee
2024-05-17 10:39 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== Files in the root of some directories ========
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ () C:\Users\milan\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.06.2024
Ran by milan (04-06-2024 13:19:55)
Running from C:\Users\milan\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-12-12 23:46:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1522692154-720549613-4100842380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1522692154-720549613-4100842380-503 - Limited - Disabled)
Guest (S-1-5-21-1522692154-720549613-4100842380-501 - Limited - Disabled)
milan (S-1-5-21-1522692154-720549613-4100842380-1001 - Administrator - Enabled) => C:\Users\milan
WDAGUtilityAccount (S-1-5-21-1522692154-720549613-4100842380-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: F-Secure (Disabled - Up to date) {DA5F8466-F00B-8E6B-6CB8-5AE55C9EBDCD}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Disabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
FW: McAfee (Disabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Configuration Manager (HKLM-x32\...\{83EE3016-BFF3-4249-9DB8-2FC92D6DE9E6}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3054 - Acer Incorporated)
ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)
F-Secure (HKLM\...\{EB5A2E16-9F92-4CE0-85B2-0085FEF08034}) (Version: 19.4 - F-Secure Corporation)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.114 - Google LLC)
McAfee (HKLM\...\McAfee.wps) (Version: 1.18.255.1 - McAfee, LLC)
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\OneDriveSetup.exe) (Version: 24.103.0521.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3052 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9172.1 - Realtek Semiconductor Corp.)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3018 - Acer Incorporated)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.898 - McAfee, LLC)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-12-28] (Acer Incorporated)
Acer Purified Voice Console -> C:\Program Files\WindowsApps\IntelligoTechnologyInc.AcerPurifiedVoiceConsole_1.0.34.0_x64__zzw691tb7va64 [2024-05-21] (Intelligo Technology Inc.)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP) [Startup Task]
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3054.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.24.0_x64__xbfy0k16fey96 [2024-05-28] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.89.2.0_x64__q4d96b2w5wcc2 [2024-05-29] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11050.29009.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corporation) [Startup Task]
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.112.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP)
McAfee -> C:\Program Files\McAfee\wps\1.18.255.1 [2024-05-21] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-06-03] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-12-14] (Microsoft Corp.)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-12-28] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-05-29] (Microsoft Corporation)
Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2404.1.0_x64__8wekyb3d8bbwe [2024-05-21] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-31] (Microsoft Windows) [Startup Task]
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3052.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj [2023-12-14] (Realtek Semiconductor Corp)
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.137.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.121.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3018.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-27] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1522692154-720549613-4100842380-1001_Classes\CLSID\{446889A0-340F-4CC6-84B2-77A832AE2176}\localserver32 -> C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DE573B2F-63B8-4CB1-93D4-786F88161C20}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{150042BD-4CA3-44DC-BF19-A40634A9FA06}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{41DA2652-E44B-447C-9AB7-62DDC61F25B3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28C9B8C6-2EB3-493F-915D-19F0AB0A3F7D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F79CB33E-9EE3-493E-9ECA-089D9E72943F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.67 GB) (Free:426.72 GB) (90%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/03/2024 07:49:10 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: ebe1ae43-4d6b-4f57-8d2d-41a5fb103053
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (06/03/2024 07:49:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 38aa5e36-9b42-40ea-80e0-b7a83da7390d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 09:13:16 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x197c
Čas spuštění chybující aplikace: 0x0x1dab31ae041d60a
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: f9a442c0-698b-4c2a-aa9f-5ab552996472
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/31/2024 09:07:22 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {F7902A1C-B1DF-47FB-B541-8D0CF0024693}
Error: (05/31/2024 07:45:54 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 02e6a856-8e71-49e6-8bfe-c9197576c64d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 07:45:52 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 526eb515-4448-4e61-9668-ca22bcb69839
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/30/2024 09:04:35 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x1764
Čas spuštění chybující aplikace: 0x0x1dab282b61f54c6
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: de73459f-eacb-4e83-a16a-19ea28cc77f9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/30/2024 07:48:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x3c2c
Čas spuštění chybující aplikace: 0x0x1dab2529a1941ab
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 15c2a0c5-8589-4248-b0a4-235dcf2999f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (06/04/2024 11:06:25 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:06:25 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 11:06:22 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:06:22 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Error: (06/04/2024 11:00:42 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:00:42 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 11:00:38 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:00:38 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Windows Defender:
================
Date: 2024-06-04 13:15:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {62E4D788-6A66-4A80-A10C-47654B6B591B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-03 10:04:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E5BA2FA3-D9F4-4549-BB01-E166B166C751}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-02 15:37:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE202899-3A4B-4B35-995C-4EB2FB07E780}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-01 12:19:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6389282D-6FBE-49EC-BBBE-BD5250118A7B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-05-31 08:05:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A331A816-B38E-4A24-A4A8-48D9DC754FCF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-05-20 17:48:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3578.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
CodeIntegrity:
===============
Date: 2024-06-04 13:17:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2024-06-04 13:17:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\wps\1.18.255.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.34 04/21/2023
Motherboard: TGL Camellia_TL
Processor: 11th Gen Intel(R) Core(TM) i3-1115G4 @ 3.00GHz
Percentage of memory in use: 60%
Total physical RAM: 7971.3 MB
Available physical RAM: 3154.88 MB
Total Virtual: 9635.3 MB
Available Virtual: 3748.65 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:426.72 GB) (Model: NVMe KINGSTON OM8SEP4512Q-AA) NTFS
\\?\Volume{f7a5a8c9-aea1-491b-87cb-1365caa5168a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.43 GB) NTFS
\\?\Volume{f4bdbb46-65ba-47c3-a643-cc356c83e3b0}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.06.2024
Ran by milan (administrator) on LAPTOP-5DQCHNGG (Acer Aspire A315-58) (04-06-2024 13:18:22)
Running from C:\Users\milan\Desktop\FRST64.exe
Loaded Profiles: milan
Platform: Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe <12>
(DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxEMN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe <3>
(services.exe ->) (F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_a5ea1b1d8db1527e\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_98ad395a329efc54\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_38b23bd92a6775fe\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <2>
(services.exe ->) (WithSecure Oyj -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe <2>
(services.exe ->) (WithSecure Oyj -> WithSecure Corporation) C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(svchost.exe ->) (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.) C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe <2>
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_ea0f2e956b37b3be\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\milan\AppData\Local\Microsoft\OneDrive\24.103.0521.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259872 2021-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\Run: [MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.114\Installer\chrmstp.exe [2024-05-30] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F06FC732-66DF-4A74-9B71-A761D23993F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {460B4C83-BF11-4192-80FD-25F72D1FDFA8} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {87BBA08E-4C16-4F5A-9CFC-FDE400299AFA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {ED62D5A4-C53E-4A19-8C52-83D38A63F360} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-10-13] (Acer Incorporated -> )
Task: {143DF8E1-2620-41F2-950D-8AC6E6578403} - System32\Tasks\CareCenter\MicrosoftEdgeAutoLaunch_EB47026D08FE0D2DEE1F47E11465E666_Reg_HKCURun_S-1-5-21-1522692154-720549613-4100842380-1001 => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [4136896 2024-05-30] (Microsoft Corporation -> Microsoft Corporation) -> C:\Program Files (x86)\Microsoft\Edge\Application\--no-startup-window --win-session-start
Task: {5890D53F-75D3-4A58-90E1-705F0C54B8F6} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\TOTAL\x64\fs_hotfix_64.exe [510856 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EFCDAA27-506A-41E3-B3C3-85BE8DA1D2A5} - System32\Tasks\iGoAudioTask => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {00BE2514-B022-4CCD-B861-04645BF7D690} - System32\Tasks\iGoAudioTaskSession => C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe [467344 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
Task: {E6FF01FD-D2B7-46CC-951A-CB0F4EE8917A} - System32\Tasks\McAfee OEM Subscription job => \\?\C:\Program Files\McAfee\wps\SubscriptionJob\mc-oem-subjob.exe [2169512 2024-05-20] (McAfee, LLC -> McAfee, LLC)
Task: {321E56E0-D9F0-41FC-9E9B-80C3AF0B935A} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {5E7350B0-39EC-4C74-90B3-113942171C5F} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D3CF9E06-6ED5-432B-9923-921AFE4BE242} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.18.255.1\sustainability\mc-sustainability.exe [950824 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {2528C8BC-5360-45A1-B7BE-8296FE682031} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.18.255.1\dad\mc-dad.exe [2654448 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {432AC888-5F17-41D6-865A-E4904EC3CCCC} - System32\Tasks\McAfee\WPS\McAfee Message Check => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {14DB256D-5667-4B82-95B0-EC07EFE9F383} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {B121FC72-D2FF-4740-91B0-F0583F527997} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {A424B035-4CAA-4405-B3B7-E5C5BBDE7244} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {FEDAD849-E7AE-4449-8062-39370BDA16C2} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {20CC69E6-3C01-437D-BE57-B33CCEC6CC56} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
Task: {D42A8B46-F100-4A31-A5A9-36BB92435749} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {9A4D0FEA-0D25-444E-A706-BF91B6D82966} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\wps\1.18.255.1\mc-wns-client\mc-wns-client.exe [923696 2024-05-21] (McAfee, LLC -> )
Task: {165723CE-CD0A-4CA4-9204-A854A61A02CC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {86BB7BB2-0E69-44F6-B529-A6EF87203701} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {84F94102-6283-45A1-8517-CDF4EAD187B0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {098E9272-DD23-47F2-8EE8-B68C67D346AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {08E553E8-9162-4123-B4B9-8164F0C9F354} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169648 2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D94A5025-35E5-4C62-A548-313B9EF0459A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C22429D-EC10-4089-BB0C-D203A9309A88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4FF6915-E6F6-4DD4-9716-8D717BA28150} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {208B172B-D273-42F7-BAFD-52DDBD5F686C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73633390-BA10-40B7-B83E-CCE7AFC8D365} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {9CE5D1E6-DE80-404F-9182-30ABDFDF7054} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-22] (Acer Incorporated -> )
Task: {DDA8D141-FF13-4008-B39F-C4825FED4A40} - System32\Tasks\Oem\xvpnHelperTask => C:\Users\milan\AppData\Local\OEM\PromoX\XvpnHelper\XvpnInstaller.exe [70016 2022-10-24] (Acer Incorporated -> )
Task: {052705E9-286A-4007-844F-10B2036FCE05} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {011E43A6-20B3-4EEF-B5F4-0C26D8A1AAD8} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {2572C9E2-16C1-49E9-9F79-89D4350CF6E0} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {E2DC6192-AFC2-4EE4-9167-1B1C522DD67B} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {1E1F952D-E6E3-4D80-BFE6-84AB3A0D943B} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{0ff5396e-f223-4b34-9c84-b1f01871c2e9}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Edge:
=======
Edge Profile: C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-21]
Edge Extension: (Edge relevant text changes) - C:\Users\milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default [2024-06-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-05-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe [257416 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnifwebhoster; C:\Program Files (x86)\F-Secure\TOTAL\FSNifWeb\1715672042\fshoster64.exe [414600 2024-05-17] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fshoster64.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsorsp64.exe [109432 2024-05-21] (WithSecure Oyj -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulprothoster.exe [738256 2024-05-21] (WithSecure Oyj -> WithSecure Corporation)
R2 fsvpnsvc; C:\Program Files (x86)\F-Secure\TOTAL\x64\fsvpnservice_64.exe [2220936 2024-05-28] (F-Secure Corporation -> F-Secure Corporation)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 IgoAudioService; C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\IgoAudioService_x64.exe [36512 2022-11-15] (British Cayman Islands Intelligo Technology Inc. Taiwan Branch -> Intelligo Technology Inc.)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_0f43cda6a2474b5c\AS\IAS\IntelAudioService.exe [531008 2022-01-26] (Intel Corporation -> Intel)
R2 mc-fw-host; C:\Program Files\McAfee\wps\1.18.255.1\mc-fw-host.exe [2711192 2024-05-21] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.18.255.1\mc-update.exe [3296312 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [879456 2024-05-17] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-05-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-01] (Acer Incorporated -> Acer Incorporated)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsulgk.sys [482480 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R0 fse; C:\Windows\System32\drivers\fse.sys [218592 2024-05-26] (Microsoft Windows -> Microsoft Corporation)
S0 fselms; C:\Windows\System32\drivers\fselms.sys [17400 2023-12-25] (Microsoft Windows Early Launch Anti-malware Publisher -> WithSecure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\TOTAL\Ultralight\nif2\1710924332\nif2s64.sys [186048 2024-05-20] (Microsoft Windows Hardware Compatibility Publisher -> WithSecure Corporation)
R3 fsvpnwintun; C:\Windows\System32\drivers\fsvpnwintun.sys [31256 2023-12-04] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-12] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-12] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-12] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1544912 2021-08-29] (Intel Corporation -> Intel Corporation)
R3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_2cc98897d8dddf62\IntcUSB.sys [882280 2022-01-26] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_689d3d5fefeef458\gna.sys [84880 2020-11-06] (Gaussian Mixture Models and Neural Networks Accelerator -> Intel Corporation)
S0 mfeelam; C:\Windows\System32\DRIVERS\mfeelam.sys [19536 2024-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\Windows\System32\DRIVERS\mfesec.sys [85304 2024-05-21] (McAfee, LLC -> McAfee, LLC)
R3 MpKslbbd9fe76; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1CA11CDC-A096-4EC9-91DE-DFAE92C21A2F}\MpKslDrv.sys [271648 2024-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2024-05-26] (Microsoft Windows -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-05-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 13:18 - 2024-06-04 13:18 - 000026082 _____ C:\Users\milan\Desktop\FRST.txt
2024-06-04 10:17 - 2024-06-04 10:17 - 000727012 _____ C:\Windows\system32\perfh005.dat
2024-06-04 10:17 - 2024-06-04 10:17 - 000151244 _____ C:\Windows\system32\perfc005.dat
2024-06-04 10:11 - 2024-06-04 10:12 - 000000000 ____D C:\AdwCleaner
2024-06-04 10:09 - 2024-06-04 10:09 - 008790880 _____ (Malwarebytes) C:\Users\milan\Desktop\adwcleaner.exe
2024-06-04 08:24 - 2024-06-04 13:18 - 000000000 ____D C:\FRST
2024-06-04 08:23 - 2024-06-04 08:24 - 002395136 _____ (Farbar) C:\Users\milan\Desktop\FRST64.exe
2024-06-04 08:23 - 2024-06-04 08:23 - 002093056 _____ (Farbar) C:\Users\milan\Downloads\FRST.exe
2024-06-03 14:07 - 2024-06-03 14:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-03 10:55 - 2024-06-03 10:55 - 000065514 _____ C:\Users\milan\Downloads\Marek-Pšenica.pdf
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ C:\Users\milan\AppData\Local\recently-used.xbel
2024-06-01 21:01 - 2024-06-01 21:01 - 000000000 ____D C:\Users\milan\AppData\Local\OneDrive
2024-06-01 19:24 - 2024-06-01 20:11 - 000000000 ____D C:\Users\milan\AppData\Local\gtk-2.0
2024-06-01 18:59 - 2024-06-01 18:59 - 000000000 ____D C:\Users\milan\AppData\Local\fontconfig
2024-06-01 18:58 - 2024-06-01 21:02 - 000000000 ____D C:\Users\milan\AppData\Local\babl-0.1
2024-06-01 18:58 - 2024-06-01 18:58 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000938 _____ C:\Users\Public\Desktop\GIMP 2.10.38.lnk
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Roaming\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\GIMP
2024-06-01 18:58 - 2024-06-01 18:58 - 000000000 ____D C:\Users\milan\AppData\Local\gegl-0.4
2024-06-01 18:56 - 2024-06-01 18:58 - 000000000 ____D C:\Program Files\GIMP 2
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Office
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Excel
2024-05-31 09:07 - 2024-05-31 09:07 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\AddIns
2024-05-30 07:48 - 2024-05-30 07:48 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-27 09:41 - 2024-05-27 09:41 - 000000000 ____D C:\Users\milan\AppData\Local\Backup
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-05-27 00:31 - 2024-05-27 00:31 - 000000000 ____D C:\Windows\InboxApps
2024-05-26 23:05 - 2024-05-26 23:05 - 000060462 _____ C:\Windows\SysWOW64\ctac.json
2024-05-26 23:05 - 2024-05-26 23:05 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000060462 _____ C:\Windows\system32\ctac.json
2024-05-26 23:00 - 2024-05-26 23:00 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-05-24 09:17 - 2024-05-24 09:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2024-05-24 09:16 - 2024-05-24 09:16 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-05-22 08:10 - 2024-05-22 08:10 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader
2024-05-21 22:29 - 2024-05-21 22:29 - 000000000 ____D C:\Windows\system32\Tasks\CareCenter
2024-05-20 17:45 - 2024-05-20 17:45 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Network
2024-05-17 10:33 - 2024-05-17 10:33 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-04 13:16 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-06-04 13:16 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-04 13:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-06-04 13:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-06-04 13:15 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-04 10:17 - 2023-07-31 10:13 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-06-04 10:17 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-06-04 10:15 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\D3DSCache
2024-06-04 10:12 - 2023-12-14 20:19 - 000000000 __SHD C:\Users\milan\IntelGraphicsProfiles
2024-06-04 10:12 - 2023-07-31 10:12 - 000003310 _____ C:\Windows\system32\Tasks\iGoAudioTask
2024-06-04 10:12 - 2023-07-31 10:02 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-04 10:12 - 2023-07-31 10:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-06-04 10:12 - 2023-07-31 10:02 - 000000000 ___HD C:\Intel
2024-06-04 10:12 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-06-04 10:12 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-06-04 07:55 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Local\Host App Service
2024-06-03 23:16 - 2023-12-14 20:20 - 000000000 ____D C:\Users\milan\AppData\Local\Packages
2024-06-03 23:16 - 2023-12-13 01:47 - 000000000 ____D C:\ProgramData\Packages
2024-06-03 14:06 - 2023-07-31 10:33 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-03 13:38 - 2023-12-25 15:53 - 000003362 _____ C:\Windows\system32\Tasks\McAfee OEM Subscription job
2024-06-03 07:49 - 2024-02-11 13:38 - 000000000 ____D C:\Users\milan\AppData\Local\CrashDumps
2024-05-31 21:07 - 2023-07-31 10:02 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-30 23:06 - 2023-12-14 20:26 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-30 23:06 - 2023-12-14 20:26 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-30 07:32 - 2023-12-14 20:21 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1522692154-720549613-4100842380-1001
2024-05-30 07:32 - 2023-12-14 20:21 - 000002381 _____ C:\Users\milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-29 15:02 - 2023-07-31 10:02 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-05-29 14:48 - 2023-12-14 20:21 - 000000000 ____D C:\Users\milan\AppData\Local\PlaceholderTileLogoFolder
2024-05-29 14:31 - 2023-07-31 11:02 - 000000000 ____D C:\Windows\Panther
2024-05-29 11:26 - 2023-12-25 16:18 - 000002257 _____ C:\Users\Public\Desktop\F-Secure.lnk
2024-05-29 01:56 - 2023-07-31 10:02 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-05-27 07:36 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-27 00:34 - 2023-12-14 20:20 - 000002350 _____ C:\Users\milan\Desktop\Microsoft Edge.lnk
2024-05-27 00:34 - 2023-12-14 20:12 - 000000000 ____D C:\Users\milan\AppData\Roaming\Microsoft\Spelling
2024-05-27 00:32 - 2023-07-31 10:02 - 000474816 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\SysWOW64\cs
2024-05-27 00:31 - 2022-07-05 17:29 - 000000000 ____D C:\Windows\system32\cs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\F12
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\WUModels
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemApps
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\vi-VN
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lv-LV
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\lt-LT
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\id-ID
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\gl-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\eu-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\et-EE
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\es-MX
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ca-ES
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\Provisioning
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\DiagTrack
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\appcompat
2024-05-27 00:31 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-27 00:31 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-05-26 23:20 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-05-26 23:18 - 2022-05-07 08:10 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-05-26 23:18 - 2022-05-07 08:10 - 000023775 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-05-26 23:18 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-05-26 23:18 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-05-26 23:05 - 2023-07-31 10:04 - 003214336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-05-26 22:33 - 2023-07-31 10:02 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-26 22:33 - 2023-07-31 10:02 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-22 23:06 - 2023-12-25 16:17 - 000000000 ____D C:\Program Files\dotnet
2024-05-22 23:06 - 2023-07-31 10:32 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-21 23:11 - 2023-12-25 15:52 - 000085304 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfesec.sys
2024-05-21 23:11 - 2023-12-25 15:52 - 000019536 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeelam.sys
2024-05-21 23:11 - 2022-05-07 07:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:10 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\winrm
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\WCN
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\slmgr
2024-05-21 22:24 - 2022-05-07 08:01 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sysprep
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\OCR
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\IME
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-21 22:24 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-21 11:28 - 2024-01-21 14:31 - 000000000 ____D C:\Windows\system32\MRT
2024-05-21 11:27 - 2024-01-21 14:30 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-21 09:08 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-05-20 17:56 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-20 17:55 - 2023-12-25 16:18 - 000000000 ____D C:\Windows\system32\Tasks\F-Secure
2024-05-20 17:45 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-05-20 15:01 - 2023-12-14 20:25 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-20 15:01 - 2023-07-31 10:35 - 000000000 ____D C:\ProgramData\McAfee
2024-05-17 10:39 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
==================== Files in the root of some directories ========
2024-06-01 21:02 - 2024-06-01 21:02 - 000007446 _____ () C:\Users\milan\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.06.2024
Ran by milan (04-06-2024 13:19:55)
Running from C:\Users\milan\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3593 (X64) (2023-12-12 23:46:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1522692154-720549613-4100842380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1522692154-720549613-4100842380-503 - Limited - Disabled)
Guest (S-1-5-21-1522692154-720549613-4100842380-501 - Limited - Disabled)
milan (S-1-5-21-1522692154-720549613-4100842380-1001 - Administrator - Enabled) => C:\Users\milan
WDAGUtilityAccount (S-1-5-21-1522692154-720549613-4100842380-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: F-Secure (Disabled - Up to date) {DA5F8466-F00B-8E6B-6CB8-5AE55C9EBDCD}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Disabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
FW: McAfee (Disabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Configuration Manager (HKLM-x32\...\{83EE3016-BFF3-4249-9DB8-2FC92D6DE9E6}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3054 - Acer Incorporated)
ExpressVPN (HKLM-x32\...\{5B1D5290-DC0D-43D1-8220-8BB29BDDA0BE}) (Version: 2.5.22300.30 - Acer)
F-Secure (HKLM\...\{EB5A2E16-9F92-4CE0-85B2-0085FEF08034}) (Version: 19.4 - F-Secure Corporation)
GIMP 2.10.38 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.114 - Google LLC)
McAfee (HKLM\...\McAfee.wps) (Version: 1.18.255.1 - McAfee, LLC)
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.79 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\OneDriveSetup.exe) (Version: 24.103.0521.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3052 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9172.1 - Realtek Semiconductor Corp.)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3018 - Acer Incorporated)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.898 - McAfee, LLC)
Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2023-12-28] (Acer Incorporated)
Acer Purified Voice Console -> C:\Program Files\WindowsApps\IntelligoTechnologyInc.AcerPurifiedVoiceConsole_1.0.34.0_x64__zzw691tb7va64 [2024-05-21] (Intelligo Technology Inc.)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP) [Startup Task]
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3054.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.24.0_x64__xbfy0k16fey96 [2024-05-28] (Dropbox Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.89.2.0_x64__q4d96b2w5wcc2 [2024-05-29] (Evernote) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11050.29009.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corporation) [Startup Task]
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.112.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-05-21] (INTEL CORP)
McAfee -> C:\Program Files\McAfee\wps\1.18.255.1 [2024-05-21] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21002.0_x64__8wekyb3d8bbwe [2024-06-03] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.1.28.0_x64__8wekyb3d8bbwe [2023-12-14] (Microsoft Corp.)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-12-28] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-05-29] (Microsoft Corporation)
Microsoft.D3DMappingLayers -> C:\Program Files\WindowsApps\Microsoft.D3DMappingLayers_1.2404.1.0_x64__8wekyb3d8bbwe [2024-05-21] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-31] (Microsoft Windows) [Startup Task]
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3052.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.250.0_x64__dt26b99r8h8gj [2023-12-14] (Realtek Semiconductor Corp)
Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.3899848563C1F_1.0.137.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
Spades -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.Spades_6.1.121.0_x64__kx24dqmazqk8j [2024-05-21] (Random Salad Games LLC)
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3018.0_x64__48frkmn4z8aw4 [2023-12-14] (Acer Incorporated)
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-20] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2023-12-25] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-27] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1522692154-720549613-4100842380-1001_Classes\CLSID\{446889A0-340F-4CC6-84B2-77A832AE2176}\localserver32 -> C:\Program Files (x86)\F-Secure\TOTAL\x64\fshoster64.exe (F-Secure Corporation -> F-Secure Corporation)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-21] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-05-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1522692154-720549613-4100842380-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DE573B2F-63B8-4CB1-93D4-786F88161C20}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{150042BD-4CA3-44DC-BF19-A40634A9FA06}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{41DA2652-E44B-447C-9AB7-62DDC61F25B3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28C9B8C6-2EB3-493F-915D-19F0AB0A3F7D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F79CB33E-9EE3-493E-9ECA-089D9E72943F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.67 GB) (Free:426.72 GB) (90%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/03/2024 07:49:10 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: ebe1ae43-4d6b-4f57-8d2d-41a5fb103053
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (06/03/2024 07:49:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x32b4
Čas spuštění chybující aplikace: 0x0x1dab579bf1f10ad
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 38aa5e36-9b42-40ea-80e0-b7a83da7390d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 09:13:16 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x197c
Čas spuštění chybující aplikace: 0x0x1dab31ae041d60a
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: f9a442c0-698b-4c2a-aa9f-5ab552996472
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/31/2024 09:07:22 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {F7902A1C-B1DF-47FB-B541-8D0CF0024693}
Error: (05/31/2024 07:45:54 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc000041d
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 02e6a856-8e71-49e6-8bfe-c9197576c64d
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/31/2024 07:45:52 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: AcerRegistrationBackGroundTask.exe, verze: 1.0.0.0, časové razítko: 0x64375ffb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3527, časové razítko: 0xf436709b
Kód výjimky: 0xc0020001
Posun chyby: 0x001498b2
ID chybujícího procesu: 0x0x1690
Čas spuštění chybující aplikace: 0x0x1dab31dcc253cd1
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 526eb515-4448-4e61-9668-ca22bcb69839
Úplný název chybujícího balíčku: AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4
ID aplikace související s chybujícím balíčkem: Acer.AcerRegistration
Error: (05/30/2024 09:04:35 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x1764
Čas spuštění chybující aplikace: 0x0x1dab282b61f54c6
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: de73459f-eacb-4e83-a16a-19ea28cc77f9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/30/2024 07:48:07 AM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-5DQCHNGG)
Description: Název chybující aplikace: iGoSwServer.exe, verze: 100.1.7.7, časové razítko: 0x6368c2f1
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.3593, časové razítko: 0x10c46e71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007e008
ID chybujícího procesu: 0x0x3c2c
Čas spuštění chybující aplikace: 0x0x1dab2529a1941ab
Cesta k chybující aplikaci: C:\Windows\System32\DriverStore\FileRepository\igoaudioservice.inf_amd64_5480d357b22325cc\iGoSwServer.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 15c2a0c5-8589-4248-b0a4-235dcf2999f5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (06/04/2024 11:06:25 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:06:25 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 11:06:22 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:06:22 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Error: (06/04/2024 11:00:42 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:00:42 AM) (Source: Netwtw10) (EventID: 5002) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (06/04/2024 11:00:38 AM) (Source: Netwtw10) (EventID: 5005) (User: )
Description: Intel(R) Wi-Fi 6 AX101 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (06/04/2024 11:00:38 AM) (Source: Netwtw10) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)
Windows Defender:
================
Date: 2024-06-04 13:15:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {62E4D788-6A66-4A80-A10C-47654B6B591B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-03 10:04:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E5BA2FA3-D9F4-4549-BB01-E166B166C751}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-02 15:37:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE202899-3A4B-4B35-995C-4EB2FB07E780}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-01 12:19:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6389282D-6FBE-49EC-BBBE-BD5250118A7B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-05-31 08:05:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A331A816-B38E-4A24-A4A8-48D9DC754FCF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-05-20 17:48:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3578.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2024-05-17 10:35:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.3263.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
CodeIntegrity:
===============
Date: 2024-06-04 13:17:51
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\F-Secure\TOTAL\Ultralight\ulcore\1715597669\fsamsi64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2024-06-04 13:17:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\wps\1.18.255.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.34 04/21/2023
Motherboard: TGL Camellia_TL
Processor: 11th Gen Intel(R) Core(TM) i3-1115G4 @ 3.00GHz
Percentage of memory in use: 60%
Total physical RAM: 7971.3 MB
Available physical RAM: 3154.88 MB
Total Virtual: 9635.3 MB
Available Virtual: 3748.65 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.67 GB) (Free:426.72 GB) (Model: NVMe KINGSTON OM8SEP4512Q-AA) NTFS
\\?\Volume{f7a5a8c9-aea1-491b-87cb-1365caa5168a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.43 GB) NTFS
\\?\Volume{f4bdbb46-65ba-47c3-a643-cc356c83e3b0}\ (ESP) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119487
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velké zpomalení NoteBooku. Děkuji
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velké zpomalení NoteBooku. Děkuji
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.06.2024
Ran by milan (04-06-2024 14:13:43) Run:1
Running from C:\Users\milan\Desktop
Loaded Profiles: milan
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B3D35E8-2C19-4649-86B9-568C8FAD0F9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B3D35E8-2C19-4649-86B9-568C8FAD0F9E}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15850167 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 459452407 B
Edge => 0 B
Chrome => 537940101 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 10508 B
systemprofile32 => 10508 B
LocalService => 677630 B
NetworkService => 681128 B
milan => 313117522 B
RecycleBin => 73978 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:14:03 ====
Ran by milan (04-06-2024 14:13:43) Run:1
Running from C:\Users\milan\Desktop
Loaded Profiles: milan
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8B3D35E8-2C19-4649-86B9-568C8FAD0F9E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B3D35E8-2C19-4649-86B9-568C8FAD0F9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B3D35E8-2C19-4649-86B9-568C8FAD0F9E}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{7863E041-B445-4567-908D-89ECC6DA2015}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15850167 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 459452407 B
Edge => 0 B
Chrome => 537940101 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 10508 B
systemprofile32 => 10508 B
LocalService => 677630 B
NetworkService => 681128 B
milan => 313117522 B
RecycleBin => 73978 B
EmptyTemp: => 1.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:14:03 ====
-
Rudy
- Site Admin
- Příspěvky: 119487
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velké zpomalení NoteBooku. Děkuji
Smazáno. Zrychlil se chod?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velké zpomalení NoteBooku. Děkuji
Omlouvám se byl jsem služebně pryč. No každopádně se to o něco zrychlilo ale není to ještě 100% . Nevím co se mi tady zase dostalo, ale pokuď už to víc nejde tak i tak jsem spokojeny a děkuji moc
-
Rudy
- Site Admin
- Příspěvky: 119487
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velké zpomalení NoteBooku. Děkuji
Můžete ještě zkusit defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?