Prosím o kontrolu logu - vyskakování o zavirovaném PC

[paolov]

Prosím o kontrolu logu vyskakovací oznámení , že je PC zavirován, že je tam trojský kůň. Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2024
Ran by MKMP (administrator) on RODINKAA (ASUSTeK COMPUTER INC. Vivobook_ASUSLaptop M1502IA_M1502IA) (12-09-2024 18:27:22)
Running from C:\Users\MKMP\Downloads\FRST64.exe
Loaded Profiles: MKMP
Platform: Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOSD.exe
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.67\msedgewebview2.exe <19>
(C:\Program Files\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusWiFiSmartConnect.exe
(DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSupportService.exe
(DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24081.55.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <63>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemAnalysis\AsusSystemAnalysis.exe <2>
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_4b75f58caa254b78\AsusNumPadService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\MKMP\AppData\Local\Microsoft\OneDrive\24.166.0818.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe <3>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\Run: [Mozilla-Firefox-308046B0AF4A39CB] => "C:\Program Files\Mozilla Firefox\firefox.exe" -os-autostart [672328 2024-09-05] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\Run: [MicrosoftEdgeAutoLaunch_484EB2388B0391A2E6BDF3636ED4FFA5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741256 2024-09-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.121\Installer\chrmstp.exe [2024-09-11] (Google LLC -> Google LLC)
Startup: C:\Users\MKMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2023-03-23]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DFE6A77-FE45-4F4A-BF54-3EA4996E843D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {F19C3D0D-5A94-4B2C-9D97-250836F37A4B} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusHotkey.exe [325608 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {1B063AD3-0C9F-4355-8FEF-569ED22900E0} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusUpdateChecker.exe [793552 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {A2538B8D-AC26-4ACE-B6F2-191CD9D953F0} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5006312 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {96821F42-AE07-4197-BE15-D2934C3D2A51} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5583864 2024-09-11] (Microsoft Windows -> Microsoft Corporation)
Task: {E7CCA89E-745D-486C-B848-16FBD730CF26} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{1D95C4E0-E48B-45DB-85BB-1D51E2E86A48} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {0E7D2652-C9E3-40D9-8466-2AC2F76ADA09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {409D92DE-0F3A-4CE6-8696-3CB5E0562BEB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28605656 2024-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DBC533A-3292-4904-A964-AEC3C37FA887} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312520 2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D65EEBC-D255-4E08-9D60-354E5471221E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312520 2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4908E8E-9678-4EA2-97C6-06194CB06735} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187024 2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {91E258EF-D3E6-4931-8A82-CBC9916B36F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C15B3B6-C210-431A-A379-250D227747E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB2F1423-FDD1-4810-8B02-CB86DFB385A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ECC3FACB-F8BE-4E10-BE0A-BA0DD60459CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CBAB405-2E3B-46AD-8DB6-E1F942377D72} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {1DDC5340-B44A-4541-8852-3CC36FEB5EB3} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4038819242-1580343200-2903088957-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-09-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {0BF5282D-1271-4D38-8C76-C3DF775A60C7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {9D3C0BB5-B761-4A43-8ABA-96104885234E} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_be03f2dca68bf962\RtkAudUService64.exe [3498472 2022-05-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3d3b711c-1b40-4ec8-b58a-e6134344297e}: [DhcpNameServer] 10.66.16.1 10.8.60.1 10.8.60.2
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}\05F6B6F6A656: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}\255646D696029345: [DhcpNameServer] 192.168.22.159
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}\4505D2C496E6B6F554531344F55374F5548545: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}\4505D2C496E6B6F554531344F5548545: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{af5b0e20-9efa-47ff-9eab-78cd9da06c0c}\4505D2C496E6B6F57457563747F554531344: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\MKMP\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\MKMP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\MKMP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-02]

FireFox:
========
FF DefaultProfile: jz177wlj.default
FF ProfilePath: C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\jz177wlj.default [2024-08-06]
FF ProfilePath: C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691 [2024-09-12]
FF Homepage: Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691 -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691 -> hxxps://qltuh.free-tl-100-c.buzz
FF Extension: (To Google Translate) - C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2024-08-05]
FF Extension: (uBlock Origin) - C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691\Extensions\uBlock0@raymondhill.net.xpi [2024-08-05]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2024-08-05]
FF Extension: (Deer In Forest Green) - C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691\Extensions\{ab3e9b9e-d9b0-48e4-9ba9-895d3bbdac8c}.xpi [2024-08-06]
FF Extension: (Running Foxes by MaDonna) - C:\Users\MKMP\AppData\Roaming\Mozilla\Firefox\Profiles\4yz218gd.default-release-1722853215691\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2024-08-05]
FF Plugin: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\MKMP\AppData\Local\Google\Chrome\User Data\Default [2024-08-16]
CHR Extension: (Stahovač Obrázků - Uložte fotografie a obrázky) - C:\Users\MKMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\daeljdgmllhgmbdkpgnaojldjkdgkbjg [2023-10-05]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MKMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\MKMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\MKMP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-05]
CHR HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\AsusAppService\AsusAppService.exe [1176016 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 AsusNumPadService; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_4b75f58caa254b78\AsusNumPadService.exe [246160 2022-01-05] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek COMPUTER INC.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusOptimization.exe [571880 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSoftwareManager\AsusSoftwareManager.exe [1381728 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSwitch\AsusSwitch.exe [650704 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemAnalysis\AsusSystemAnalysis.exe [5006312 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [894312 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14042624 2024-08-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [434000 2023-02-22] (DTS, Inc. -> DTS Inc.)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-06-04] (The Document Foundation -> The Document Foundation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 NGS; C:\ProgramData\Nexon\NGS\NGService.exe [3189352 2023-03-19] (NEXON Korea Corporation. -> NEXON Korea Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22442808 2024-09-03] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54704 2023-02-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390792.inf_amd64_c7c1ce20b2f1c813\B390782\amdkmdag.sys [94637408 2023-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AsusNumpadPTP; C:\WINDOWS\System32\DriverStore\FileRepository\asusnumpadfilter.inf_amd64_4b75f58caa254b78\AsusNUMPADFilter.sys [200680 2022-01-05] (ASUSTeK COMPUTER INC. -> Human Interface Tech.)
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_93fc123351137141\AsusPTPFilter.sys [155568 2023-01-05] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSSystemAnalysis\AsusSAIO.sys [49312 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_dce8906ce88264fa\ASUSOptimization\AsusWmiAcpi.sys [49064 2024-08-12] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R2 IDMWFP; C:\WINDOWS\system32\DRIVERS\idmwfp.sys [171512 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
S3 MpKsl61f523c8; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [222464 2023-09-26] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_4e18fe2e122d5d00\mtkbtfilterx.sys [326768 2024-04-28] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_f698a1260525f27b\mtkwl6ex.sys [1461912 2024-05-06] (MEDIATEK INC. -> MediaTek Inc.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [57344 2022-05-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 NDivert; \SystemRoot\System32\drivers\NDivert.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-09-12 18:27 - 2024-09-12 18:28 - 000027389 _____ C:\Users\MKMP\Downloads\FRST.txt
2024-09-12 18:27 - 2024-09-12 18:27 - 000000000 ____D C:\Users\MKMP\Downloads\FRST-OlderVersion
2024-09-11 18:31 - 2024-09-11 18:31 - 000692356 _____ C:\WINDOWS\system32\perfh005.dat
2024-09-11 18:31 - 2024-09-11 18:31 - 000143226 _____ C:\WINDOWS\system32\perfc005.dat
2024-09-10 16:43 - 2024-09-10 16:43 - 001100658 _____ C:\Users\MKMP\Downloads\Chit_Chat_1_slovnicek.pdf
2024-09-09 19:49 - 2024-09-09 19:49 - 000072009 _____ C:\Users\MKMP\Downloads\42413-1.zip
2024-09-06 21:22 - 2024-09-06 21:36 - 1994408028 _____ C:\Users\MKMP\Downloads\Toto je náš svet, Tohle je náš svět (Captain Fantastic) (2016) CZ.mkv
2024-09-05 21:13 - 2024-05-06 19:30 - 000552152 _____ (MediaTek Inc.) C:\WINDOWS\system32\mtkihvx.dll
2024-09-05 20:14 - 2024-09-11 18:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-09-03 16:44 - 2024-09-03 16:44 - 006839728 _____ C:\Users\MKMP\Downloads\Five Nights at Freddys .tgz
2024-09-02 19:07 - 2024-09-02 19:07 - 000000000 ___HD C:\OneDriveTemp
2024-09-02 19:06 - 2024-09-02 19:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4038819242-1580343200-2903088957-1002
2024-09-02 19:06 - 2024-09-02 19:06 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4038819242-1580343200-2903088957-1002
2024-09-01 00:26 - 2024-09-01 11:45 - 000000000 ____D C:\Users\MKMP\AppData\Roaming\FileZilla
2024-09-01 00:26 - 2024-09-01 00:40 - 000000000 ____D C:\Users\MKMP\AppData\Local\FileZilla
2024-09-01 00:25 - 2024-09-01 00:25 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2024-09-01 00:20 - 2024-09-02 18:19 - 000000000 ____D C:\Users\MKMP\AppData\Local\filezilla-server-gui
2024-09-01 00:19 - 2024-09-02 18:20 - 000000000 ____D C:\Program Files\FileZilla Server
2024-09-01 00:19 - 2024-09-01 00:51 - 000000000 ____D C:\ProgramData\filezilla-server
2024-08-31 22:41 - 2024-09-08 15:05 - 000000000 ____D C:\Vjeci
2024-08-28 19:02 - 2024-08-28 19:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-08-16 21:48 - 2024-08-16 21:48 - 006339378 _____ C:\Users\MKMP\Downloads\Olešnice-Aerobik+sjezd kár-video.zip
2024-08-16 21:46 - 2024-08-16 21:46 - 008866619 _____ C:\Users\MKMP\Downloads\Olešnice-areál-foto-1.zip
2024-08-16 21:45 - 2024-08-16 21:45 - 008866619 _____ C:\Users\MKMP\Downloads\Olešnice-areál-foto.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-09-12 18:27 - 2024-08-06 12:41 - 000000000 ____D C:\FRST
2024-09-12 18:27 - 2024-08-06 12:40 - 002397696 _____ (Farbar) C:\Users\MKMP\Downloads\FRST64.exe
2024-09-12 18:25 - 2022-12-20 22:23 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2024-09-12 18:20 - 2023-03-17 21:53 - 000000000 ____D C:\Program Files (x86)\Steam
2024-09-12 18:18 - 2022-12-20 22:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-09-12 18:18 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-12 17:12 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-12 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-09-11 21:05 - 2023-01-14 14:03 - 000000000 ____D C:\Program Files (x86)\FastShare
2024-09-11 18:43 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-09-11 18:42 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-09-11 18:31 - 2022-12-20 22:24 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-09-11 18:31 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-09-11 18:27 - 2023-02-28 23:55 - 000000000 ____D C:\Program Files\TeamViewer
2024-09-11 18:27 - 2022-12-20 22:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-09-11 18:27 - 2022-12-20 22:20 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-09-11 18:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-09-11 18:27 - 2022-05-07 07:17 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-09-11 18:27 - 2021-10-04 23:52 - 000012288 ___SH C:\DumpStack.log.tmp
2024-09-11 18:26 - 2022-12-20 22:20 - 000646488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-09-11 18:26 - 2022-12-20 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-09-11 18:25 - 2023-09-30 12:44 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-09-11 18:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-09-11 18:25 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-09-11 18:07 - 2022-12-20 20:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-09-11 18:06 - 2022-12-20 20:23 - 199688632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-09-11 18:05 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-09-11 09:55 - 2023-10-05 19:30 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-09-10 12:02 - 2022-12-20 20:14 - 000000000 ____D C:\Users\MKMP\AppData\Local\D3DSCache
2024-09-09 07:25 - 2022-12-20 22:23 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 07:25 - 2022-12-20 22:23 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-08 20:58 - 2022-12-29 20:24 - 000000000 ____D C:\Users\MKMP\AppData\Roaming\vlc
2024-09-08 11:48 - 2022-12-20 22:23 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4038819242-1580343200-2903088957-1001
2024-09-08 11:48 - 2022-12-20 22:23 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4038819242-1580343200-2903088957-1001
2024-09-08 11:48 - 2022-12-20 20:15 - 000002420 _____ C:\Users\MKMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-07 12:12 - 2022-12-20 20:14 - 000000000 ____D C:\Users\MKMP\AppData\Local\Packages
2024-09-07 10:53 - 2021-10-04 23:52 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-09-06 21:16 - 2022-12-20 20:15 - 000000000 ____D C:\Users\MKMP\AppData\Local\PlaceholderTileLogoFolder
2024-09-06 21:16 - 2021-10-04 23:54 - 000000000 ____D C:\ProgramData\Packages
2024-09-06 13:04 - 2024-06-11 13:49 - 000001436 _____ C:\Users\MKMP\Desktop\Roblox Player.lnk
2024-09-06 13:04 - 2023-01-21 13:37 - 000000000 ____D C:\Users\MKMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-09-06 13:03 - 2023-06-20 13:11 - 000000000 ____D C:\Users\MKMP\AppData\Local\CrashDumps
2024-09-05 22:01 - 2022-12-20 22:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-09-05 22:01 - 2022-12-20 20:20 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-09-05 21:12 - 2023-04-06 22:41 - 000000000 ____D C:\Users\MKMP\AppData\Local\JDownloader 2.0
2024-09-05 21:09 - 2023-03-17 22:15 - 000000000 ____D C:\Users\MKMP\Desktop\věci
2024-09-02 21:06 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-09-02 19:04 - 2022-06-28 07:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-09-02 19:04 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-31 23:37 - 2023-05-18 08:20 - 000000000 ____D C:\Users\MKMP\AppData\Roaming\HandBrake
2024-08-31 23:28 - 2022-12-29 21:30 - 000000000 ____D C:\Users\MKMP\AppData\Roaming\avidemux
2024-08-29 17:31 - 2024-02-16 15:25 - 000284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 002799144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 000783912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 000210360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 000149032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-08-29 17:31 - 2023-02-24 23:03 - 000124344 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-08-29 17:31 - 2023-02-24 23:03 - 000075192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-08-28 19:42 - 2023-01-14 14:10 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-08-28 19:42 - 2022-12-20 23:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-08-28 19:02 - 2021-10-04 23:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-27 21:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-27 20:53 - 2022-12-20 22:23 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-24 21:03 - 2023-02-21 20:30 - 000000000 ____D C:\Users\MKMP\AppData\Local\Plex Media Server
2024-08-20 11:35 - 2024-05-08 12:20 - 000000000 ____D C:\Users\MKMP\Documents\Euro Truck Simulator 2
2024-08-17 12:48 - 2023-05-18 08:17 - 000000000 ____D C:\Program Files\HandBrake
2024-08-17 11:03 - 2022-12-20 22:23 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2024-08-17 11:03 - 2022-12-20 22:23 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2024-08-15 11:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-08-15 11:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-15 11:44 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\schemas
2024-08-15 11:27 - 2022-05-07 07:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-08-15 11:27 - 2022-05-07 07:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-08-13 21:51 - 2022-12-20 22:12 - 000000000 ____D C:\Users\MKMP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[paolov]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-09-2024
Ran by MKMP (12-09-2024 18:28:53)
Running from C:\Users\MKMP\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4169 (X64) (2022-12-20 20:23:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4038819242-1580343200-2903088957-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4038819242-1580343200-2903088957-503 - Limited - Disabled)
Guest (S-1-5-21-4038819242-1580343200-2903088957-501 - Limited - Enabled)
MKMP (S-1-5-21-4038819242-1580343200-2903088957-1001 - Administrator - Enabled) => C:\Users\MKMP
WDAGUtilityAccount (S-1-5-21-4038819242-1580343200-2903088957-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
7-Zip 23.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2300-000001000000}) (Version: 23.00.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20054 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avidemux VC++ 64bits (HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\{286c56c5-c9ac-4996-91d9-86eecce02cf0}) (Version: 2.8.1 - Mean)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
ClipGrab 3.9.10 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
FreeCAD 0.21.1 (HKLM\...\FreeCAD0211) (Version: 0.21.1 - FreeCAD Team)
FreeCommander XE Build 880 32-bit (HKLM-x32\...\{D3C705DC-9743-4FEF-8358-E1AC9FA69C73}_is1) (Version: 2023.0.0.880 - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 128.0.6613.121 - Google LLC)
HandBrake 1.8.2 (HKLM-x32\...\HandBrake) (Version: 1.8.2 - )
Java 8 Update 421 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180421F0}) (Version: 8.0.4210.9 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
LibreOffice 24.2.4.2 (HKLM\...\{BE0AECC8-40F8-4DA2-B888-C4101391FA14}) (Version: 24.2.4.2 - The Document Foundation)
Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.7 (x64) (HKLM\...\{E424D6A6-FA28-41E2-8356-B59519A84BB0}) (Version: 64.28.16731 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.7 (x64) (HKLM\...\{3E3E3302-0CAD-4D0D-B6C0-206B30773468}) (Version: 64.28.16731 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.7 (x64) (HKLM\...\{CA4FE2DB-2E1C-453B-B8C9-960AB929E5B4}) (Version: 64.28.16731 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.67 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\OneDriveSetup.exe) (Version: 24.166.0818.0003 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.17928.20114 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.31.31103 (HKLM-x32\...\{5720EC03-F26F-40B7-980C-50B5D420B5DE}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.31.31103 (HKLM-x32\...\{799E3FFF-705C-461F-B400-6DE27398B3E5}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM\...\{805626FF-2BC9-4567-A71E-A76A470D000A}) (Version: 48.67.58484 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.16 (x64) (HKLM-x32\...\{8d173101-98c1-4e92-97c6-47c6840745a7}) (Version: 6.0.16.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.7 (x64) (HKLM\...\{F6FBF64F-D459-4F03-BF3B-C0A36A0596A2}) (Version: 64.28.16739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.7 (x64) (HKLM-x32\...\{754bcfb5-42ac-4c12-8f12-b818943a1365}) (Version: 8.0.7.33814 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 130.0 (x64 cs)) (Version: 130.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 108.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17928.20114 - Microsoft Corporation) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 230407 - Kakao Corp.)
Roblox Player for MKMP (HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for MKMP (HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\...\roblox-studio) (Version: - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.57.5 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.52.0 - TechPowerUp)
TomTom MyDrive Connect 4.4.0.5040 (HKLM-x32\...\MyDriveConnect) (Version: 4.4.0.5040 - TomTom)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-09-02] ()
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.22.20073.0_x64__0a9344xs7nr4m [2024-09-02] (Advanced Micro Devices Inc.) [Startup Task]
B9ECED6F.ScreenPadMaster -> C:\Program Files\WindowsApps\B9ECED6F.ScreenPadMaster_3.1.42.0_x64__qmba6cd70vzyy [2024-09-03] (ASUSTeK COMPUTER INC.)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2024-09-02] (DTS, Inc.)
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-09-02] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-09-02] (Microsoft Corp.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe [2024-09-08] (Microsoft) [Startup Task]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-09-05] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24081.55.0_x64__cw5n1h2txyewy [2024-09-06] (Microsoft Windows) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.20.0_x64__qmba6cd70vzyy [2024-09-05] (ASUSTeK COMPUTER INC.)
Pinf Hry Launcher -> C:\Program Files\WindowsApps\46073OndrejVrbel-Pinf.12054DCD93C3F_2.1.10.0_x64__2sn797kv5pvgt [2023-01-20] (Ondrej Vrábel - Pinf)
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2406.2405.7001.0_x64__8wekyb3d8bbwe [2024-05-17] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2024-09-02] (Realtek Semiconductor Corp)
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-06] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.214.1843.0_x64__8wekyb3d8bbwe [2024-08-15] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.242.101.0_x64__8wekyb3d8bbwe [2024-09-07] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-09-11] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4038819242-1580343200-2903088957-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MKMP\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4038819242-1580343200-2903088957-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-4038819242-1580343200-2903088957-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4038819242-1580343200-2903088957-1001_Classes\CLSID\{92a10339-c580-dfd8-94c3-030311ba18f4}\localserver32 -> C:\ProgramData\ASUS\AsusSurvey\AsusSurvey.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-04 23:55 - 2021-10-04 23:55 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-10-04 23:55 - 2021-10-04 23:55 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_421\bin\ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_421\bin\jp2ssv.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-08-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2024-02-23 22:32 - 2024-05-24 01:07 - 000000438 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-4038819242-1580343200-2903088957-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MKMP\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20240215_194753.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: TeamViewer VPN Adapter -> teamviewervpn.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: MediaTek Wi-Fi 6 MT7921 Wireless LAN Card -> mtkwl6ex.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1794F238-5AD4-4AFA-8597-4950F25382EF}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EF293EB7-EE74-45B4-8B84-926B2DF89277}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AC13D2CD-1C7B-42E4-AE0A-91576117FFCE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E4639AC3-92AE-4B84-8165-DBC509597DC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CD6517B3-D9D1-451A-B138-776555DEFEC0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{50FDA415-8349-4720-9F44-895AC17D71DB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DA61F0E2-E9A4-4C0A-A6CA-DFEF3FD0B067}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FE427888-F655-4619-972C-7B28536228AE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A1A88CE5-E90E-47DD-BFA9-FA45DF19BA07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87A43D90-731E-4D41-A129-1A71340C0D87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1EEDDA5E-A86E-40D0-AD0A-DF75EED244A0}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC6C3ECF-E950-4A62-90F9-774AB8C56521}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{822BEFF1-EAA7-45C1-B76A-2A0C849B1D29}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF304A0D-2D2C-4C90-9471-9EAE15ABE6B9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

06-09-2024 21:03:52 Windows Update
10-09-2024 12:07:24 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/12/2024 05:36:37 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/11/2024 08:27:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\RODINKAA$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 11 Sep 2024 18:27:54 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 23b951d8-710e-4c67-ab42-877cac061acd

Metoda: GET(375ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (09/11/2024 06:27:54 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\RODINKAA$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(3047ms)
Fáze: GetCACaps
Spojení se serverem nebylo navázáno. 0x80072efd (WinHttp: 12029 ERROR_WINHTTP_CANNOT_CONNECT)

Error: (09/11/2024 06:27:51 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(141ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (09/11/2024 06:26:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\RODINKAA$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 11 Sep 2024 16:26:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ce29080a-b5ca-45d0-86a1-628a8e55a70b

Metoda: GET(672ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (09/11/2024 06:26:53 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(188ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (09/11/2024 05:29:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (09/10/2024 04:51:07 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).


System errors:
=============
Error: (09/12/2024 05:12:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/12/2024 05:12:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (09/12/2024 04:50:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/12/2024 04:50:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (09/12/2024 03:22:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/12/2024 03:22:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (09/12/2024 02:51:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/12/2024 02:51:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.


Windows Defender:
================
Date: 2024-09-10 18:17:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3F1EF1A0-FC99-4567-90F5-8248B862CCF3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-09 19:02:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1A095F34-4CA4-4B83-AEAA-C2CBE1D9B680}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-08 11:26:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DDB47F75-BE0F-45BF-A533-7A76D541C915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-07 12:10:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4FEDC91B-7339-4160-9B81-C1E0B5A60CB6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-05 18:18:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {565C25F2-914F-4312-AB2B-838EAD6DC5DE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-07-21 15:33:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.415.102.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24060.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-07-21 15:33:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.415.102.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24060.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-07-21 15:33:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.415.102.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24060.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-07-21 15:33:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.415.102.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24060.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2024-07-21 15:33:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.415.102.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24060.5
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2024-05-03 17:14:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-01-02 17:49:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. M1502IA.312 06/05/2023
Motherboard: ASUSTeK COMPUTER INC. M1502IA
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 95%
Total physical RAM: 7596.55 MB
Available physical RAM: 362.86 MB
Total Virtual: 20752.99 MB
Available Virtual: 3240.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.4 GB) (Free:263.57 GB) (Model: INTEL SSDPEKNU512GZ) NTFS

\\?\Volume{5ecc9faf-513d-4666-b487-138f6ec781ea}\ (RECOVERY) (Fixed) (Total:1.07 GB) (Free:0.31 GB) NTFS
\\?\Volume{dc30b742-20d5-459d-b28c-f81f1712a637}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.12 GB) FAT32
\\?\Volume{dfbfa005-90e0-44d0-bc67-16b00b11804f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 70621DBC)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Nejprve spusťte tuto utilitu:¨¨

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[paolov]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 09-12-2024
# Duration: 00:00:07
# OS: Windows 11 (Build 22631.4169)
# Scanned: 32107
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1420 octets] - [12/09/2024 19:38:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

[Rudy]

OK, tady je to v pořádku.
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\MKMP\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[paolov]

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-09-2024
Ran by MKMP (12-09-2024 20:32:51) Run:2
Running from C:\Users\MKMP\Downloads
Loaded Profiles: MKMP
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27425366 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 411132533 B
Windows/system/drivers => 67623520 B
Edge => 0 B
Chrome => 7125428 B
Firefox => 1360637951 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23058 B
NetworkService => 59228 B
MKMP => 1628516676 B

RecycleBin => 1118380273 B
EmptyTemp: => 4.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-09-2024 20:34:44)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:34:44 ====

[Rudy]

OK. Nastala nějaká změna?

[paolov]

Tak zatím nic nevyskakuje. Uvidíme dále.

[Rudy]

OK. Dejte vědět.