Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.07.2024
Ran by sern (administrator) on KATANA (Micro-Star International Co., Ltd. Katana 15 B12VFK) (08-07-2024 20:50:13)
Running from D:\Stažené soubory\FRST64.exe
Loaded Profiles: sern
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.11.9.11\AdskIdentityManager.exe
(C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\92.0.1.0\crashpad_handler.exe
(C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\93.0.1.0\crashpad_handler.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe <15>
(C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\sern\AppData\Roaming\BitTorrent Web\helper\helper.exe
(D:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_helper.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.116.0609.0005\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_346bd04e375689ec\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4e93878658043b21\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5b1252b3763da959\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0def78d8fd7b6e2b\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0def78d8fd7b6e2b\RtkAudUService64.exe [1974728 2024-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe [21229344 2024-04-16] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [142414712 2023-08-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B5ED86351D1048DC4CB584E025CA08C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4905504 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4407656 2024-06-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\sern\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45629344 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [btweb] => C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe [6473736 2023-12-07] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\Microsoft.SharePoint.exe [1025552 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\Windows\system32\EFXLM16A.DLL [182784 2023-07-20] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EPSON WF-7710 Series 64MonitorBE: C:\Windows\system32\E_YLMBSBE.DLL [187392 2018-06-14] (Seiko Epson Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-27] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03318CC8-B53B-4496-94E0-F112EA80EFD9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4AA4161B-8B6E-4BE6-A68C-47C164FA57A6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "74b63197-13d5-47eb-b31a-87269d4372ec" --version "6.25.11131" --silent
Task: {4C2B9EDE-8B58-49BF-BEBA-F0AE818C996A} - System32\Tasks\CCleanerSkipUAC - sern => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7CB51A97-69A6-45DF-B459-3D7D2A497D55} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-03-14] (CyberLink Corp. -> )
Task: {3693C901-93C8-4957-8D99-2BE75CF53E8F} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-03-14] (CyberLink Corp. -> )
Task: {0699F10C-283A-4E68-BA0C-43593AD89AEF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{FDD1E41C-46A5-460B-95C6-D6C0F15C8829} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {34E478C6-E683-4786-B91C-6E261C3E8430} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {284AB1A0-D701-446A-98E2-1F56287BFB3F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC4B7EAA-2581-4FBC-A37F-624B1F178B1A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {40CE094F-5532-4762-9668-929EA0AA77AE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {24524A63-2598-49F1-A258-155C3E5002F3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169408 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {307B857D-B82E-45F4-8385-DF01D3A20ACC} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {3EE6D57E-9C1E-4B1D-8C51-75670F25EC7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3291ED3C-AA57-4C47-8489-CF6325885D37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD854B25-260C-44D8-917A-2D4B91981010} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9534244F-29A0-4B5B-BBC9-F9BED6E568DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {013529CE-49C4-4E90-90BB-39344D53A855} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4D42E492-278D-4172-B437-A5E9F2309CE0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40D80B2E-7355-4C6F-A9B0-FDC1AD7979F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {967F8D7A-F8AB-4F7B-99D2-DB29C1714F1C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F35071E-526E-4635-AC51-C3F69F012F4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E11980B-47C5-435B-A2CB-39D015A0C756} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7951DA52-2C18-4076-A1D6-7C8D986CE4EE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FEC9E67-35A6-4731-96E0-467980608BCD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67060935-51A9-4783-ACAC-D972464FA5BE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12CED94B-BE7B-4274-A5DD-028266067B8F} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [961584 2024-07-04] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {77027A65-980C-41CE-A790-CCF5E305A3C3} - System32\Tasks\OneDC_Updater => C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe [657552 2023-11-30] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {4101935C-F0C0-4230-A195-A9B39E28EB5A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAF67D8-5020-4F8F-88E0-02E1ED99E884} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2758214187-3853810005-2688088550-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FA099D4-56A8-4B83-9948-D3CCECAC3F12} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [97544 2024-03-14] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}: [DhcpDomain] home
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\255646D69602130334: [DhcpNameServer] 192.168.147.235
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\344475966496: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\7416C61687970207163737A31323334313233343: [DhcpNameServer] 192.168.25.119
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\84F44554C41464F45544: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{444c531c-8e58-4e4f-8fe9-6ae83fad38d8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{444c531c-8e58-4e4f-8fe9-6ae83fad38d8}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default [2024-07-08]
CHR DownloadDir: D:\Stažené soubory
CHR Extension: (Story Space. Anonymous viewer for IG and FB) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\cicohiknlppcipjbfpoghjbncojncjgb [2024-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-20]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-27]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-20]
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-07-05]
CHR Extension: (Překladač Google) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-04]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-07-05]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-07-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-07-04]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-25]
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-08]
CHR HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [13272864 2024-04-15] (Autodesk, Inc. -> Autodesk, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncHelper.exe [3518992 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe [530424 2023-08-31] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe [3002464 2023-10-25] (Intel Corporation -> Intel Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [171248 2023-05-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [100496 2023-11-03] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Sendevsvc; C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe [311536 2023-05-11] (Micro-Star International CO., LTD. -> )
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [149608 2024-01-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909512 2023-11-15] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.116.0609.0005\OneDriveUpdaterService.exe [3858464 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe [474824 2024-02-01] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe [474312 2024-02-01] (Proton AG -> ProtonVPN)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [625928 2024-03-14] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 googledrivefs31357; C:\Windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1605296 2023-11-19] (Intel Corporation -> Intel Corporation)
S3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_c2a06a639869c7cd\IntcUSB.sys [923128 2023-08-31] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_6f93b7542fd3ead9\gna.sys [88656 2023-09-26] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_0bbfb278918dfdd5\ipf_acpi.sys [88160 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_cpu.sys [85600 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_lf.sys [484448 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 MpKsl31c17885; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA3B5A2A-43FA-4C5C-94EB-7719E57B0A73}\MpKslDrv.sys [271648 2024-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [239256 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.10\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_8db01a9992cf3fbb\rt68cx21x64.sys [713152 2022-12-05] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-02-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WINIO; \??\C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-07-08 20:50 - 2024-07-08 20:50 - 000000000 ____D C:\FRST
2024-07-07 21:40 - 2024-07-07 21:40 - 000728484 _____ C:\Windows\system32\perfh005.dat
2024-07-07 21:40 - 2024-07-07 21:40 - 000151700 _____ C:\Windows\system32\perfc005.dat
2024-07-07 20:37 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2024-07-07 20:37 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2024-06-30 19:44 - 2024-07-08 15:55 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2024-06-30 19:44 - 2024-06-30 19:44 - 000003658 _____ C:\Windows\system32\Tasks\OneDC_Updater
2024-06-30 19:44 - 2024-06-30 19:44 - 000002974 _____ C:\Windows\system32\Tasks\OmApSvcBroker
2024-06-30 19:44 - 2024-06-30 19:44 - 000000000 ____D C:\Users\sern\OneDrive\Dokumenty\temp
2024-06-12 17:38 - 2024-06-12 17:38 - 000024821 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-12 17:37 - 2024-06-12 17:37 - 000024821 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-06-12 17:29 - 2024-06-12 17:35 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-07-08 20:46 - 2023-12-31 17:39 - 000000000 ____D C:\Users\sern\AppData\Roaming\BitTorrent Web
2024-07-08 20:12 - 2023-11-21 08:40 - 000000000 ____D C:\ProgramData\Common
2024-07-08 19:58 - 2023-11-20 22:45 - 000000000 ___SD C:\Users\sern\AppData\Roaming\Microsoft\Credentials
2024-07-08 19:35 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-07-08 19:28 - 2023-11-20 22:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-07-08 18:38 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-08 17:30 - 2023-12-31 17:39 - 000000000 ____D C:\Users\sern\AppData\Local\BitTorrentHelper
2024-07-08 17:05 - 2023-11-20 22:52 - 000000000 ____D C:\Users\sern\AppData\Local\D3DSCache
2024-07-08 16:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-07-08 16:00 - 2023-11-20 22:51 - 000000000 ____D C:\ProgramData\NVIDIA
2024-07-08 15:55 - 2024-02-09 19:36 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-07-08 15:55 - 2024-02-02 13:40 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-07-08 15:55 - 2024-02-02 13:40 - 000002054 _____ C:\Users\sern\OneDrive\Desktop\Google Drive.lnk
2024-07-08 15:55 - 2023-11-21 18:08 - 000000000 ____D C:\Program Files\CCleaner
2024-07-08 15:55 - 2023-11-21 09:13 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Teams
2024-07-08 15:55 - 2023-11-20 22:50 - 000000000 ___RD C:\Users\sern\OneDrive
2024-07-07 21:40 - 2023-11-20 22:47 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-07-07 21:40 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-07-07 21:35 - 2023-11-22 21:07 - 000000000 ____D C:\Users\sern\AppData\Local\CrashDumps
2024-07-07 21:32 - 2023-11-20 22:41 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-07-07 21:32 - 2023-11-20 22:39 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-07 21:32 - 2023-11-20 22:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-07-07 21:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-07-07 21:32 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-07-07 20:38 - 2023-11-20 22:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-07-07 20:37 - 2023-11-22 19:20 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:20 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-07-07 20:37 - 2023-11-20 22:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-07-07 16:49 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-07 16:20 - 2023-11-22 18:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-07-07 16:20 - 2023-11-21 18:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-07-04 16:36 - 2023-11-20 22:40 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-03 17:04 - 2023-12-20 11:17 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Excel
2024-07-03 09:01 - 2023-12-20 10:57 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Word
2024-07-01 15:43 - 2023-11-21 18:08 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-07-01 15:43 - 2023-11-21 18:08 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-06-30 21:29 - 2023-11-21 09:03 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-30 21:29 - 2023-11-21 09:03 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-30 21:29 - 2023-11-20 22:50 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2758214187-3853810005-2688088550-1001
2024-06-30 19:44 - 2023-11-20 22:48 - 000000000 ____D C:\Program Files (x86)\MSI
2024-06-30 19:29 - 2023-11-21 08:31 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-27 17:20 - 2023-11-20 22:48 - 000000000 ____D C:\Users\sern\AppData\Local\Packages
2024-06-27 12:41 - 2023-11-20 23:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-20 19:55 - 2023-11-20 23:59 - 000000000 ____D C:\ProgramData\Package Cache
2024-06-14 04:37 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-14 04:15 - 2023-11-20 22:39 - 000594000 _____ C:\Windows\system32\FNTCACHE.DAT
2024-06-14 04:15 - 2023-11-09 18:12 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-06-14 04:15 - 2022-05-07 12:14 - 000000000 ____D C:\Windows\InboxApps
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-06-14 04:15 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-06-12 17:40 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-06-12 17:39 - 2022-05-07 12:14 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-06-12 17:39 - 2022-05-07 12:14 - 000024383 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-06-12 17:38 - 2023-11-20 22:43 - 003216384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-06-12 17:27 - 2023-11-20 22:57 - 000000000 ____D C:\Windows\system32\MRT
2024-06-12 17:22 - 2023-11-20 22:57 - 199048176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-06-11 22:53 - 2023-11-22 19:20 - 002900520 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-06-11 22:52 - 2023-11-22 19:20 - 002231336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-06-11 22:52 - 2023-11-22 19:20 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2024-06-11 22:24 - 2023-11-22 19:20 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2024-06-11 22:24 - 2023-11-22 19:20 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2024-06-11 18:31 - 2023-11-22 19:19 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: kontrola logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.07.2024
Ran by sern (08-07-2024 20:51:53)
Running from D:\Stažené soubory
Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) (2023-11-20 20:41:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2758214187-3853810005-2688088550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2758214187-3853810005-2688088550-503 - Limited - Disabled)
Guest (S-1-5-21-2758214187-3853810005-2688088550-501 - Limited - Disabled)
sern (S-1-5-21-2758214187-3853810005-2688088550-1001 - Administrator - Enabled) => C:\Users\sern
WDAGUtilityAccount (S-1-5-21-2758214187-3853810005-2688088550-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AB Protect - AdvanceCAD 2024 x64 (HKLM\...\{E406239C-DDA8-443B-801F-D4188AD02A2E}) (Version: 24.01.0007 - AB Studio) Hidden
Autodesk Access (HKLM\...\{A3158B3E-5F28-358A-BF1A-9532D8EBC811}) (Version: 2.6.0.118 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.11.9.11 - Autodesk)
BitTorrent Web (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\btweb) (Version: 1.4.0 - BitTorrent Limited)
CADKON+ 2024 Database - Cz (HKLM\...\{6D06E854-1A36-4736-A7EB-1C9E36D71F85}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Language Pack - Cz (HKLM\...\{6C493A15-CE76-44DC-9513-05A5EA1B695F}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Root Pack (HKLM\...\{08B49DBB-67E7-48FC-A326-CB1D4E0021D9}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024.2 (HKLM-x32\...\{1121ee7d-5d8a-4c92-8891-b98a82636f2d}) (Version: 24.2.55 - Graitec)
CCleaner (HKLM\...\CCleaner) (Version: 6.25 - Piriform)
CyberLink PowerDirector 365 (HKLM-x32\...\{678184FC-3343-4125-8098-01B6032F8BB2}) (Version: 22.2.2712.0 - CyberLink Corp.)
GalaxyBudsManager (HKLM-x32\...\GalaxyBudsManager) (Version: 2.1.220907.51 - Samsung Electronics Co, Ltd.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 93.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
Graitec - Advance CAD 2024 (HKLM\...\{E2402D86-4CC6-415F-BA1C-2EE567CB7D1A}) (Version: 14.0.0.7344 - Graitec) Hidden
GrVfkImport (HKLM\...\{892AE826-080B-4C24-89DE-888FBF883DD1}) (Version: 24.01.0011 - AB Studio) Hidden
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Lenovo USB Audio (HKLM\...\VID_17EF&PID_3063&MI_00) (Version: 1.31.38.50 - Synaptics Incorporated)
LYNX Trading (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\5556-0007-2700-0000) (Version: latest (10.26.1j) 20240103 15:16:39 - LYNX)
Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.116.0609.0005 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Teams) (Version: 1.7.00.13456 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0619.01 - MSI)
MSI NBFoundation Service (HKLM-x32\...\{640EFA76-B899-476B-B2DF-D0CCF11D6083}}_is1) (Version: 2.0.2406.0501 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.10 - Proton AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.24078 - Microsoft Corporation)
ThinkPad Thunderbolt 3 Dock (HKLM-x32\...\ThinkPad Thunderbolt 3 Dock_is1) (Version: 1.001.9 - Lenovo Group Limited)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Lenovo)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{AC9D2EAD-0DA0-4E0B-8672-546F5B1E6E73}) (Version: 3.0.31 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-12] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-14] (INTEL CORP) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.20006.0_x64__8wekyb3d8bbwe [2024-06-28] (Microsoft Corporation) [Startup Task]
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe [2024-07-07] (Microsoft) [Startup Task]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-10] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p [2024-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Common -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICommon_1.1.5.0_x64__kzh8wxbdkxb8p [2024-03-28] (MICRO-STAR INTERNATIONAL CO., LTD)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-06-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.327.0_x64__dt26b99r8h8gj [2024-05-16] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-14] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{000D0E00-0000-0000-C000-000000000046}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sern\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{314AC707-0C11-4B4C-8CB1-564B3EE6BE5F}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\sern\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\sern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\stepan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-06-04 16:06 - 2024-03-14 08:59 - 000925184 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adIPC.node
2024-06-04 16:06 - 2024-04-16 06:11 - 000371712 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adpUtil.node
2023-12-07 21:27 - 2023-12-07 21:27 - 001490944 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avcodec-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000949248 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avformat-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000635392 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avutil-56.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000153088 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\swresample-3.dll
2023-12-27 13:35 - 2018-06-14 13:14 - 000187392 _____ (Seiko Epson Corporation) [File not signed] C:\Windows\System32\E_YLMBSBE.DLL
2023-07-20 05:02 - 2023-07-20 05:02 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\EFXLM16A.DLL
2023-12-07 21:27 - 2023-12-07 21:27 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libcrypto-1_1.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libssl-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2024-01-30 14:55 - 000003301 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 fitgirls-repacks.com # Fake FitGirl site
2024-05-23 22:51 - 2024-05-23 23:13 - 000000500 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{86229055-6BF1-4C6A-A7E8-06022E37ABAB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6C037B84-4FD4-49EA-B5A5-8C2B3C091154}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{06D5E82A-3F88-4A0E-AEA9-9D420C108C6C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{64EC9E69-40BE-4F1B-B704-AF94284959C2}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FF4E215-7BE7-4B3B-A49F-2E79BF1EF400}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27A4B1F0-67FD-4A18-8976-4C99496C96EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB6F32F-67D8-470B-B9FA-42CD1026AA75}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{E59B62F9-A6EE-410F-A6A0-2E3A4840261C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{6CE6151E-9A91-40F3-B4D6-8ECCBBA24025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{28D2F35F-E4C8-41A2-A345-47F48FAC1258}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8097781A-072D-452B-9B39-BDBB53D65E1F}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{642E0FE9-C62B-481C-A9E2-D6C0C50BD165}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{27BBEA0B-9867-49F6-ABDE-2B584AB01909}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{C3214CD8-ACA8-49B6-B16A-2AE196941145}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{AFCEDC8A-ED57-40DF-A3EA-DAD5A122FBF6}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{D23C6C83-183B-44A1-A62E-892D959F6B1E}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{A6247405-DF49-4A2B-9CBD-6157CEBAA7EC}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4F229F85-7228-4D8B-894A-6DF7D2EBF609}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{7441A1AB-FE05-42B7-9AA1-EA8E3CA867EF}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{2D1C3749-71CB-4FAE-94C8-E8B5EC55AD1D}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{55D28337-DC89-4351-B0DB-233DF840ED80}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{26858632-D7E4-4B5F-B22E-3C5453FADDAF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [TCP Query User{5843DE96-AA63-41EF-AA6C-FF712239BF03}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{0BE7A8C3-9411-4A40-8CE5-1D9F068285D9}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{C541978B-C5C2-4259-889F-13E15AC62D67}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{DFC3CE84-2D4D-42CF-AFC6-EC9C398EE526}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{0675EFC3-F184-4C16-BFBD-6FC6DEFCEC13}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{8F5141F0-E356-4C3F-975C-5638CF0699B6}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{58A43AF5-B85B-421A-AECE-52CBB95C5205}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{C73E5024-1B65-4B59-B813-37F6B483CA92}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{1346CB28-0DA8-40DC-A4D2-AE6B7C4A912F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [{7D7C41DD-9882-4ACA-8D1B-698E677B537C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [TCP Query User{7CA5800E-D80D-430A-8E5B-738C0305F0D0}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C5BFA08A-A9CE-4BF0-8D18-2FD250E4EA28}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8988576A-391D-4F64-BF26-8AAE0E3F17DD}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{6A9F2625-1FF6-42C4-A434-619DD01EFE33}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{9BA8CE6C-7F7D-46CD-9AF0-214BCDD3C5B6}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{24254EFA-CADB-433D-8EB1-81055975A7BF}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5C4FE50-1F3D-4477-9632-07D72BF3E6CB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E49F654B-64FB-4154-8D05-4BB811D5E5F5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F37BAF61-EDBB-4358-B6BB-CC71A573DB07}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1797D77-6956-435D-BDFB-B5129342268B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3346ED86-6111-4527-955B-E29B399319EC}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{BA4FE2C5-9FED-4A25-8453-FE485C7B6DA7}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{F6D11E63-836D-498A-BA41-C801333EEDD7}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B393D556-B760-42EB-8547-165DF5509A70}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{A477061F-B61C-470E-B752-697BD99798F7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59767377-9CA0-41C4-9D60-5D9676C91D05}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{B6760911-CEDC-4EA1-8E38-929DEF0CC122}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6156591F-C198-47CD-A43B-C7D13120C824}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B280FD17-8A7F-4095-9F62-12390DC4605E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ADFF502-AFCE-428A-B903-F18B5EA7F7F8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7238388-B972-4FEC-A331-4FEAAC1B90BF}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1EFC77B-16C1-4F4C-9144-AFE298C6A496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CC8A98E-2C63-45FD-B471-FD5E649FD741}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{531FA4BD-C702-40F3-A135-4FECB49A86A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C9F81B0-C997-47A8-86F9-17C4B647685F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51579FF6-5859-4518-BD98-AD9D6767B4E9}] => (Allow) LPort=32683
FirewallRules: [{EB91FAAF-6F8B-4738-9424-6FD6802F18F3}] => (Allow) LPort=33683
FirewallRules: [{737A1832-A561-46DD-BE47-5D44AA0C15A9}] => (Allow) LPort=26822
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:96.8 GB) (Free:5.9 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/07/2024 09:35:14 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: d94a71cd-c122-45e1-9a97-bd61c773915e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/07/2024 09:35:09 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bef24641-586a-4bdb-9f94-d4cab05b38a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/07/2024 04:26:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.22621.3672 programu SystemSettings.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (07/07/2024 04:22:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/05/2024 07:59:51 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0e712c71-1995-4a50-9f34-0250fe13a824
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/05/2024 07:59:49 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 12acbbc0-e663-4007-8b4c-625a506a2fd8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2024 07:45:52 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (06/30/2024 07:15:21 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x27c4
Čas spuštění chybující aplikace: 0x0x1dacb1112c09d85
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: c7c5b711-a4b3-4a2a-99b8-3bbba4b1479d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/08/2024 03:54:35 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.
Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (07/07/2024 09:32:18 PM) (Source: DCOM) (EventID: 10010) (User: KATANA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/07/2024 08:31:01 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.
Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (07/07/2024 04:20:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:45:13, 05.07.2024) bylo neočekávané.
Windows Defender:
================
Date: 2024-07-08 16:05:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B493C609-E6D6-41E7-B70C-E6AFF057986A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-05 07:59:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E0BF917-7EA7-4A9A-847E-705497B13D49}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-04 17:00:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {094A6958-A4B0-400F-AC01-5E6A97E02DE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-01 15:38:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CA2852C3-CD89-4659-880D-287B74AC069D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-30 20:01:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FB38E0AA-D808-4A33-81DB-52EA70FD7A9D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-06-15 20:37:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2024-01-07 04:41:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2024-01-07 02:26:50
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===============
Date: 2024-07-07 16:50:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-05-02 12:45:46
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2024-03-30 13:40:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. E1585IMS.311 09/27/2023
Motherboard: Micro-Star International Co., Ltd. MS-1585
Processor: 12th Gen Intel(R) Core(TM) i7-12650H
Percentage of memory in use: 66%
Total physical RAM: 16087.5 MB
Available physical RAM: 5452.88 MB
Total Virtual: 22604.8 MB
Available Virtual: 7557.02 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:96.8 GB) (Free:5.9 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive d: (Nový svazek) (Fixed) (Total:856.21 GB) (Free:616.47 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive e: (ADATA SE760) (Fixed) (Total:238.46 GB) (Free:42.04 GB) (Model: ADATA SE760 SCSI Disk Device) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.61 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) FAT32
\\?\Volume{71a4a3a0-dea0-4ead-8c65-89811c074ccc}\ () (Fixed) (Total:0.74 GB) (Free:0.08 GB) NTFS
\\?\Volume{bdbcbe06-a6d5-4494-b408-f34c36c4fca8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 20694DDF)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 3DA19019)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by sern (08-07-2024 20:51:53)
Running from D:\Stažené soubory
Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) (2023-11-20 20:41:27)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2758214187-3853810005-2688088550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2758214187-3853810005-2688088550-503 - Limited - Disabled)
Guest (S-1-5-21-2758214187-3853810005-2688088550-501 - Limited - Disabled)
sern (S-1-5-21-2758214187-3853810005-2688088550-1001 - Administrator - Enabled) => C:\Users\sern
WDAGUtilityAccount (S-1-5-21-2758214187-3853810005-2688088550-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AB Protect - AdvanceCAD 2024 x64 (HKLM\...\{E406239C-DDA8-443B-801F-D4188AD02A2E}) (Version: 24.01.0007 - AB Studio) Hidden
Autodesk Access (HKLM\...\{A3158B3E-5F28-358A-BF1A-9532D8EBC811}) (Version: 2.6.0.118 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.11.9.11 - Autodesk)
BitTorrent Web (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\btweb) (Version: 1.4.0 - BitTorrent Limited)
CADKON+ 2024 Database - Cz (HKLM\...\{6D06E854-1A36-4736-A7EB-1C9E36D71F85}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Language Pack - Cz (HKLM\...\{6C493A15-CE76-44DC-9513-05A5EA1B695F}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Root Pack (HKLM\...\{08B49DBB-67E7-48FC-A326-CB1D4E0021D9}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024.2 (HKLM-x32\...\{1121ee7d-5d8a-4c92-8891-b98a82636f2d}) (Version: 24.2.55 - Graitec)
CCleaner (HKLM\...\CCleaner) (Version: 6.25 - Piriform)
CyberLink PowerDirector 365 (HKLM-x32\...\{678184FC-3343-4125-8098-01B6032F8BB2}) (Version: 22.2.2712.0 - CyberLink Corp.)
GalaxyBudsManager (HKLM-x32\...\GalaxyBudsManager) (Version: 2.1.220907.51 - Samsung Electronics Co, Ltd.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 93.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
Graitec - Advance CAD 2024 (HKLM\...\{E2402D86-4CC6-415F-BA1C-2EE567CB7D1A}) (Version: 14.0.0.7344 - Graitec) Hidden
GrVfkImport (HKLM\...\{892AE826-080B-4C24-89DE-888FBF883DD1}) (Version: 24.01.0011 - AB Studio) Hidden
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Lenovo USB Audio (HKLM\...\VID_17EF&PID_3063&MI_00) (Version: 1.31.38.50 - Synaptics Incorporated)
LYNX Trading (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\5556-0007-2700-0000) (Version: latest (10.26.1j) 20240103 15:16:39 - LYNX)
Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.116.0609.0005 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Teams) (Version: 1.7.00.13456 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0619.01 - MSI)
MSI NBFoundation Service (HKLM-x32\...\{640EFA76-B899-476B-B2DF-D0CCF11D6083}}_is1) (Version: 2.0.2406.0501 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.10 - Proton AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.24078 - Microsoft Corporation)
ThinkPad Thunderbolt 3 Dock (HKLM-x32\...\ThinkPad Thunderbolt 3 Dock_is1) (Version: 1.001.9 - Lenovo Group Limited)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Lenovo)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{AC9D2EAD-0DA0-4E0B-8672-546F5B1E6E73}) (Version: 3.0.31 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-12] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-14] (INTEL CORP) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.20006.0_x64__8wekyb3d8bbwe [2024-06-28] (Microsoft Corporation) [Startup Task]
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe [2024-07-07] (Microsoft) [Startup Task]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-10] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p [2024-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Common -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICommon_1.1.5.0_x64__kzh8wxbdkxb8p [2024-03-28] (MICRO-STAR INTERNATIONAL CO., LTD)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-06-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.327.0_x64__dt26b99r8h8gj [2024-05-16] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-14] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{000D0E00-0000-0000-C000-000000000046}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sern\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{314AC707-0C11-4B4C-8CB1-564B3EE6BE5F}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\sern\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\sern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\stepan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2024-06-04 16:06 - 2024-03-14 08:59 - 000925184 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adIPC.node
2024-06-04 16:06 - 2024-04-16 06:11 - 000371712 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adpUtil.node
2023-12-07 21:27 - 2023-12-07 21:27 - 001490944 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avcodec-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000949248 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avformat-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000635392 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avutil-56.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000153088 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\swresample-3.dll
2023-12-27 13:35 - 2018-06-14 13:14 - 000187392 _____ (Seiko Epson Corporation) [File not signed] C:\Windows\System32\E_YLMBSBE.DLL
2023-07-20 05:02 - 2023-07-20 05:02 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\EFXLM16A.DLL
2023-12-07 21:27 - 2023-12-07 21:27 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libcrypto-1_1.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libssl-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2024-01-30 14:55 - 000003301 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 fitgirls-repacks.com # Fake FitGirl site
2024-05-23 22:51 - 2024-05-23 23:13 - 000000500 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{86229055-6BF1-4C6A-A7E8-06022E37ABAB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6C037B84-4FD4-49EA-B5A5-8C2B3C091154}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{06D5E82A-3F88-4A0E-AEA9-9D420C108C6C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{64EC9E69-40BE-4F1B-B704-AF94284959C2}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FF4E215-7BE7-4B3B-A49F-2E79BF1EF400}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27A4B1F0-67FD-4A18-8976-4C99496C96EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB6F32F-67D8-470B-B9FA-42CD1026AA75}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{E59B62F9-A6EE-410F-A6A0-2E3A4840261C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{6CE6151E-9A91-40F3-B4D6-8ECCBBA24025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{28D2F35F-E4C8-41A2-A345-47F48FAC1258}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8097781A-072D-452B-9B39-BDBB53D65E1F}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{642E0FE9-C62B-481C-A9E2-D6C0C50BD165}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{27BBEA0B-9867-49F6-ABDE-2B584AB01909}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{C3214CD8-ACA8-49B6-B16A-2AE196941145}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{AFCEDC8A-ED57-40DF-A3EA-DAD5A122FBF6}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{D23C6C83-183B-44A1-A62E-892D959F6B1E}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{A6247405-DF49-4A2B-9CBD-6157CEBAA7EC}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4F229F85-7228-4D8B-894A-6DF7D2EBF609}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{7441A1AB-FE05-42B7-9AA1-EA8E3CA867EF}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{2D1C3749-71CB-4FAE-94C8-E8B5EC55AD1D}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{55D28337-DC89-4351-B0DB-233DF840ED80}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{26858632-D7E4-4B5F-B22E-3C5453FADDAF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [TCP Query User{5843DE96-AA63-41EF-AA6C-FF712239BF03}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{0BE7A8C3-9411-4A40-8CE5-1D9F068285D9}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{C541978B-C5C2-4259-889F-13E15AC62D67}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{DFC3CE84-2D4D-42CF-AFC6-EC9C398EE526}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{0675EFC3-F184-4C16-BFBD-6FC6DEFCEC13}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{8F5141F0-E356-4C3F-975C-5638CF0699B6}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{58A43AF5-B85B-421A-AECE-52CBB95C5205}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{C73E5024-1B65-4B59-B813-37F6B483CA92}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{1346CB28-0DA8-40DC-A4D2-AE6B7C4A912F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [{7D7C41DD-9882-4ACA-8D1B-698E677B537C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [TCP Query User{7CA5800E-D80D-430A-8E5B-738C0305F0D0}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C5BFA08A-A9CE-4BF0-8D18-2FD250E4EA28}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8988576A-391D-4F64-BF26-8AAE0E3F17DD}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{6A9F2625-1FF6-42C4-A434-619DD01EFE33}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{9BA8CE6C-7F7D-46CD-9AF0-214BCDD3C5B6}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{24254EFA-CADB-433D-8EB1-81055975A7BF}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5C4FE50-1F3D-4477-9632-07D72BF3E6CB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E49F654B-64FB-4154-8D05-4BB811D5E5F5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F37BAF61-EDBB-4358-B6BB-CC71A573DB07}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1797D77-6956-435D-BDFB-B5129342268B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3346ED86-6111-4527-955B-E29B399319EC}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{BA4FE2C5-9FED-4A25-8453-FE485C7B6DA7}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{F6D11E63-836D-498A-BA41-C801333EEDD7}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B393D556-B760-42EB-8547-165DF5509A70}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{A477061F-B61C-470E-B752-697BD99798F7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59767377-9CA0-41C4-9D60-5D9676C91D05}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{B6760911-CEDC-4EA1-8E38-929DEF0CC122}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6156591F-C198-47CD-A43B-C7D13120C824}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B280FD17-8A7F-4095-9F62-12390DC4605E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ADFF502-AFCE-428A-B903-F18B5EA7F7F8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7238388-B972-4FEC-A331-4FEAAC1B90BF}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1EFC77B-16C1-4F4C-9144-AFE298C6A496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CC8A98E-2C63-45FD-B471-FD5E649FD741}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{531FA4BD-C702-40F3-A135-4FECB49A86A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C9F81B0-C997-47A8-86F9-17C4B647685F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51579FF6-5859-4518-BD98-AD9D6767B4E9}] => (Allow) LPort=32683
FirewallRules: [{EB91FAAF-6F8B-4738-9424-6FD6802F18F3}] => (Allow) LPort=33683
FirewallRules: [{737A1832-A561-46DD-BE47-5D44AA0C15A9}] => (Allow) LPort=26822
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:96.8 GB) (Free:5.9 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/07/2024 09:35:14 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: d94a71cd-c122-45e1-9a97-bd61c773915e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/07/2024 09:35:09 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bef24641-586a-4bdb-9f94-d4cab05b38a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/07/2024 04:26:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.22621.3672 programu SystemSettings.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.
Error: (07/07/2024 04:22:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (07/05/2024 07:59:51 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0e712c71-1995-4a50-9f34-0250fe13a824
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/05/2024 07:59:49 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 12acbbc0-e663-4007-8b4c-625a506a2fd8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2024 07:45:52 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).
Error: (06/30/2024 07:15:21 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x27c4
Čas spuštění chybující aplikace: 0x0x1dacb1112c09d85
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: c7c5b711-a4b3-4a2a-99b8-3bbba4b1479d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/08/2024 03:54:35 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.
Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (07/07/2024 09:32:18 PM) (Source: DCOM) (EventID: 10010) (User: KATANA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/07/2024 08:31:01 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.
Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (07/07/2024 04:20:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:45:13, 05.07.2024) bylo neočekávané.
Windows Defender:
================
Date: 2024-07-08 16:05:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B493C609-E6D6-41E7-B70C-E6AFF057986A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-05 07:59:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E0BF917-7EA7-4A9A-847E-705497B13D49}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-04 17:00:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {094A6958-A4B0-400F-AC01-5E6A97E02DE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-07-01 15:38:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CA2852C3-CD89-4659-880D-287B74AC069D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-06-30 20:01:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FB38E0AA-D808-4A33-81DB-52EA70FD7A9D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-06-15 20:37:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2024-01-07 04:41:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
Date: 2024-01-07 02:26:50
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.
CodeIntegrity:
===============
Date: 2024-07-07 16:50:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-05-02 12:45:46
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2024-03-30 13:40:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. E1585IMS.311 09/27/2023
Motherboard: Micro-Star International Co., Ltd. MS-1585
Processor: 12th Gen Intel(R) Core(TM) i7-12650H
Percentage of memory in use: 66%
Total physical RAM: 16087.5 MB
Available physical RAM: 5452.88 MB
Total Virtual: 22604.8 MB
Available Virtual: 7557.02 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:96.8 GB) (Free:5.9 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive d: (Nový svazek) (Fixed) (Total:856.21 GB) (Free:616.47 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive e: (ADATA SE760) (Fixed) (Total:238.46 GB) (Free:42.04 GB) (Model: ADATA SE760 SCSI Disk Device) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.61 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) FAT32
\\?\Volume{71a4a3a0-dea0-4ead-8c65-89811c074ccc}\ () (Fixed) (Total:0.74 GB) (Free:0.08 GB) NTFS
\\?\Volume{bdbcbe06-a6d5-4494-b408-f34c36c4fca8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 20694DDF)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 3DA19019)
Partition: GPT.
==================== End of Addition.txt =======================
Re: kontrola logu
Dobrý den
Prosím o kontrolu logu
Prosím o kontrolu logu
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Protože provozujete torrenty a chodíte na "péčka", měl byste si pořídit nějaký lepší AV. WinDef je v tomto případě naprosto nedostatečný.
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do D:\Stažené soubory jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
EmptyTemp:
Hosts:
End
Protože provozujete torrenty a chodíte na "péčka", měl byste si pořídit nějaký lepší AV. WinDef je v tomto případě naprosto nedostatečný.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 13.07.2024
Ran by sern (15-07-2024 14:29:04) Run:1
Running from D:\Stažené soubory
Loaded Profiles: sern
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000} => removed successfully
HKLM\Software\Classes\.scr\\"Default"="scrfile" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{742DAE49-A7F6-4638-A188-753263FED5E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DB5B99B-90BC-47BE-B523-F23456D38A77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4099657F-91ED-4D37-9F8E-804B89EDAD9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A90CB048-749E-4556-A4D0-0ACCDCA0391A}" => removed successfully
"HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96744757 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 328425085 B
Windows/system/drivers => 11929662 B
Edge => 0 B
Chrome => 1733280044 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 67258880 B
systemprofile32 => 67920028 B
LocalService => 67920028 B
NetworkService => 68114964 B
sern => 203404146 B
RecycleBin => 20621396 B
EmptyTemp: => 2.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:30:01 ====
Ran by sern (15-07-2024 14:29:04) Run:1
Running from D:\Stažené soubory
Loaded Profiles: sern
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000} => removed successfully
HKLM\Software\Classes\.scr\\"Default"="scrfile" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{742DAE49-A7F6-4638-A188-753263FED5E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DB5B99B-90BC-47BE-B523-F23456D38A77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4099657F-91ED-4D37-9F8E-804B89EDAD9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A90CB048-749E-4556-A4D0-0ACCDCA0391A}" => removed successfully
"HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96744757 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 328425085 B
Windows/system/drivers => 11929662 B
Edge => 0 B
Chrome => 1733280044 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 67258880 B
systemprofile32 => 67920028 B
LocalService => 67920028 B
NetworkService => 68114964 B
sern => 203404146 B
RecycleBin => 20621396 B
EmptyTemp: => 2.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:30:01 ====
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu
Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?