Dobrý den,
prosím o kontrolu logu. Antivir zjistil škodlivé příkazové řádky a nemaže je.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2025
Ran by PF (administrator) on DESKTOP-KGQ0GUC (ASUS System Product Name) (24-10-2025 20:46:55)
Running from C:\Users\PF\Downloads\FRST64.exe
Loaded Profiles: PF
Platform: Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe
(C:\Program Files (x86)\LightingService\LightingService.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.14\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\seccenter.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atieclxx.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_11.2508.29.0_x64__8wekyb3d8bbwe\SnippingTool\SnippingTool.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoNotificationUx.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe <2>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe <11>
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3590.0_x64__8wekyb3d8bbwe\EdgeGameAssist.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.325.10021.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2d0366e4f3ea0eab\RtkAudUService64.exe [1629080 2024-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088288 2025-09-17] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4699288 2025-10-03] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [Discord] => C:\Users\PF\AppData\Local\Discord\Update.exe [1516408 2025-03-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [MicrosoftEdgeAutoLaunch_A0CD5F1BA373F03936A23064FB273571] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265032 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [29011792 2025-08-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-10-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.108\Installer\chrmstp.exe [2025-10-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {A982059A-23EA-438B-8B35-E1AF72E7BFDF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [398176 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {83C6086D-0BAF-45AE-8084-67CD3B716C6F} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [1779544 2024-10-30] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {CBDEDDF0-37F4-4514-8302-A50AF150E83B} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1db003a215a1f47 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {57C1EDDD-FFEE-4BBE-811E-DF3360E7FCC3} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {BEC8A36D-84BF-47CC-B81B-4939753FDEAD} - System32\Tasks\ASUS\Framework Service => C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [152109928 2024-08-13] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {EF4F0FB0-2BB5-447B-B69A-F409169A0072} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1261928 2024-04-09] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {AE2DAFAF-A1A2-4781-8B4C-1EF8015EA871} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F252F138-C517-4574-8AB5-C40B31060CD6} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.14\WatchDog.exe [1168792 2025-06-04] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.14\repair
Task: {9247B0F5-05C3-4933-91FA-3337A2456AB7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {29C88F84-B167-418C-8C8C-A1E4A8DE1499} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4ca89b58-38cb-4996-aff2-2424f292af4b" --version "6.38.0.11537" --silent
Task: {4365F1BE-A23F-43EF-ABC2-771EEB48C175} - System32\Tasks\CCleanerSkipUAC - PF => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {17DCEBD5-8C8C-42E2-9216-BE80F0EEB994} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31056 2025-08-08] (Garmin International, Inc. -> )
Task: {9BA43F69-2149-46E7-9B72-7CA15FDE0AAF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{80E59E05-AD5A-4717-9904-FF55D99A0921} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {ED75C8B0-0E09-4005-9929-FD16115A9E0D} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3323936 2025-08-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ACBE0E6-0F9D-4CEC-A040-ECECC8F4284C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001 => C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDriveLauncher.exe [725880 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2FF0B8B-C782-4A91-AD95-3C0176156139} - System32\Tasks\Opera scheduled assistant Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\PF\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70c52ebf-0f0e-4719-9910-626912d7b779}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-24]
Edge Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-26]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2025-10-22]
Edge Extension: (Edge relevant text changes) - C:\Users\PF\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-09-06]
Chrome:
=======
CHR Profile: C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default [2025-10-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PF\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-03-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [404440 2025-02-22] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.03.12\atkexComSvc.exe [908648 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [503144 2024-09-25] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.03.43\AsusFanControlService.exe [1854312 2024-11-12] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [249192 2024-09-06] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2025-10-24] (ASUSTeK Computer Inc. -> )
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2024-09-07] (BattlEye Innovations e.K. -> )
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243432 2024-09-06] (DTS, Inc. -> DTS Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [397544 2022-05-31] (ASUSTeK COMPUTER INC. -> ASUS Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [4955496 2024-08-08] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9608720 2025-09-04] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-29] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [764808 2025-06-04] (Bitdefender SRL -> Bitdefender)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [7682024 2025-01-19] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe [2125352 2024-11-22] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291288 2025-09-17] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852216 2025-09-17] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56504 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [27920 2024-03-26] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0400644.inf_amd64_9691c8ee1bbfcbb7\B399690\amdkmdag.sys [100084632 2024-02-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [58936 2024-09-24] (ASUSTeK COMPUTER INC. -> Asustek Computer Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [8502336 2025-08-18] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R3 AtcExt; C:\WINDOWS\System32\drivers\AtcExt.sys [27192 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [1371176 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\system32\DRIVERS\bdprivmon.sys [49200 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [53808 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-02-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-02-14] (Microsoft Corporation) [File not signed]
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIAIO; C:\Windows\system32\drivers\CtiAIo64.sys [34920 2024-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1793112 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2025-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [54888 2024-09-07] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [244800 2025-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-10] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_8e61b4ea25373168\rt25cx21x64.sys [887776 2024-10-21] (Realtek Semiconductor Corp. -> Realtek)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [630312 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1445960 2025-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602392 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; \SystemRoot\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:46 - 2025-10-24 20:47 - 000028047 _____ C:\Users\PF\Downloads\FRST.txt
2025-10-24 20:46 - 2025-10-24 20:46 - 002443264 _____ (Farbar) C:\Users\PF\Downloads\FRST64.exe
2025-10-24 20:37 - 2025-10-24 20:38 - 000000000 ____D C:\Users\PF\AppData\LocalLow\IGDump
2025-10-23 19:11 - 2025-10-23 21:18 - 2700247067 _____ C:\Users\PF\Downloads\Yellowstone S02E05 HD CZ dabing.mkv
2025-10-18 20:34 - 2025-10-24 20:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-18 12:47 - 2025-10-18 12:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-15 20:31 - 2025-10-15 20:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276 (1).scs
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-10-15 17:40 - 2025-10-15 17:40 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-10-14 19:16 - 2025-10-14 19:17 - 2726015168 _____ C:\Users\PF\Downloads\Yellowstone+S02E04+CZdab.mkv
2025-10-12 20:31 - 2025-10-12 20:31 - 109187637 _____ C:\Users\PF\Downloads\fhm4_17-18_logos.rar
2025-10-12 20:22 - 2025-10-12 20:22 - 000000223 _____ C:\Users\PF\Desktop\Franchise Hockey Manager 11.url
2025-10-12 20:21 - 2025-10-12 20:21 - 784144248 _____ C:\Users\PF\Downloads\Yellowstone+S02E03+-+Pach+zoufalství+(2019)+western+czdab.mkv
2025-10-11 13:32 - 2025-10-11 13:32 - 000000000 ____D C:\Users\PF\Downloads\promods-tgs-v141.7z
2025-10-11 10:55 - 2025-10-11 13:08 - 2789472069 _____ C:\Users\PF\Downloads\Yellowstone S02E02 CZ Dab.mkv
2025-10-09 17:55 - 2025-10-09 17:55 - 236385500 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.003
2025-10-09 17:45 - 2025-10-09 17:45 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.002
2025-10-09 17:25 - 2025-10-09 17:36 - 262144000 _____ C:\Users\PF\Downloads\promods-tgs-v141.7z.001
2025-10-09 17:07 - 2025-10-09 17:07 - 266339955 _____ C:\Users\PF\Downloads\promods-tcp-v156.7z
2025-10-09 16:59 - 2025-10-09 17:00 - 197232432 _____ C:\Users\PF\Downloads\promods-me-v276.7z
2025-10-09 16:50 - 2025-10-09 16:50 - 002340445 _____ C:\Users\PF\Downloads\promods-cap-v156.7z
2025-10-07 17:44 - 2025-10-07 17:44 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2017
2025-10-07 17:32 - 2025-10-07 17:32 - 005273389 _____ C:\Users\PF\Documents\ProCyclist_1.cdb
2025-10-07 17:21 - 2025-10-07 17:21 - 005272969 _____ C:\Users\PF\Documents\ProCyclist_2.cdb
2025-10-07 16:38 - 2025-10-07 17:26 - 000000000 ____D C:\Users\PF\AppData\Local\Deployment
2025-10-05 13:31 - 2025-10-05 13:31 - 003392169 _____ C:\Users\PF\Downloads\promods-def-v276.scs
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-24 20:47 - 2024-11-12 22:39 - 000000000 ____D C:\FRST
2025-10-24 20:45 - 2025-03-29 14:50 - 000000000 ____D C:\Users\PF\AppData\Local\Malwarebytes
2025-10-24 20:45 - 2024-09-07 13:17 - 000000000 ____D C:\Program Files (x86)\Steam
2025-10-24 20:43 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-24 20:40 - 2025-08-17 09:47 - 000000000 ____D C:\Users\PF\AppData\Roaming\utorrent
2025-10-24 20:40 - 2025-02-26 18:42 - 000000000 ____D C:\WINDOWS\Minidump
2025-10-24 20:40 - 2025-02-14 17:34 - 000000000 ___DC C:\WINDOWS\Panther
2025-10-24 20:40 - 2024-12-10 19:30 - 000000000 ____D C:\Users\PF\AppData\Local\CrashDumps
2025-10-24 20:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-10-24 20:39 - 2025-02-14 20:03 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-10-24 20:39 - 2024-09-07 14:27 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-10-24 20:39 - 2024-09-07 14:27 - 000000000 ____D C:\Program Files\CCleaner
2025-10-24 20:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-24 20:35 - 2025-02-14 20:02 - 000050808 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-10-24 20:35 - 2024-09-06 12:37 - 000000000 ____D C:\Users\PF\AppData\Roaming\asus_framework
2025-10-24 20:34 - 2025-02-14 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-24 20:34 - 2024-09-06 16:41 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-10-24 20:34 - 2024-09-06 16:41 - 000012288 ___SH C:\DumpStack.log.tmp
2025-10-24 20:34 - 2024-09-06 10:52 - 000000000 ____D C:\ProgramData\NVIDIA
2025-10-24 20:34 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-24 20:34 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-10-24 17:14 - 2025-04-27 13:26 - 000000000 ____D C:\Users\PF\AppData\Roaming\vlc
2025-10-24 11:24 - 2024-09-06 10:52 - 000000000 ____D C:\Program Files\ASUS
2025-10-24 10:22 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-23 20:18 - 2024-09-06 16:43 - 000000000 ____D C:\Users\PF\AppData\Local\D3DSCache
2025-10-22 17:26 - 2024-09-06 16:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-22 17:26 - 2024-09-06 16:41 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-22 17:24 - 2024-04-01 09:21 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2025-10-20 19:37 - 2025-02-18 17:03 - 000003558 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2025-02-14 20:03 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4128302332-195506509-195615000-1001
2025-10-20 19:37 - 2024-09-06 16:45 - 000002370 _____ C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-18 20:32 - 2025-02-14 20:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-18 17:37 - 2025-03-16 12:12 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-18 17:37 - 2025-03-16 12:12 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-10-15 20:50 - 2025-02-14 20:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-10-15 20:50 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-10-15 20:48 - 2025-02-14 20:00 - 000324192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-15 20:48 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-15 20:48 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-10-15 20:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-15 20:48 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-10-15 20:47 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-10-15 20:30 - 2024-09-17 19:35 - 000000000 ____D C:\Users\PF\Documents\Euro Truck Simulator 2
2025-10-15 20:06 - 2024-09-06 11:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-15 20:05 - 2024-09-06 11:05 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-15 17:40 - 2025-02-14 20:03 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-13 20:39 - 2024-09-30 18:49 - 000000000 ____D C:\Users\PF\AppData\Roaming\Pro Cycling Manager 2023
2025-10-12 20:22 - 2024-09-07 13:38 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-10-12 20:20 - 2025-02-14 20:03 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-12 20:20 - 2025-02-14 20:03 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-12 11:17 - 2025-02-14 18:05 - 000000000 ____D C:\Users\PF
2025-10-11 14:48 - 2024-09-07 16:56 - 000000000 ____D C:\Users\PF\Documents\American Truck Simulator
2025-10-10 21:32 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\WeMod
2025-10-05 19:37 - 2025-03-29 14:50 - 000244800 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2025-10-03 20:54 - 2024-09-26 19:21 - 000002184 _____ C:\Users\PF\Desktop\WeMod.lnk
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\WeMod
2025-10-03 20:54 - 2024-09-26 19:21 - 000000000 ____D C:\Users\PF\AppData\Local\SquirrelTemp
2025-10-02 16:58 - 2025-02-22 09:12 - 000000000 ____D C:\EHM soupiska
2025-10-01 17:00 - 2024-09-26 16:32 - 000000000 ____D C:\Users\PF\AppData\Roaming\XnViewMP
2025-09-28 19:33 - 2025-04-01 15:31 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2025-09-28 19:33 - 2025-04-01 15:31 - 000001430 _____ C:\Users\Public\Desktop\NVIDIA App.lnk
2025-09-28 19:33 - 2024-09-12 20:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-09-28 19:33 - 2024-09-06 12:30 - 000000000 ____D C:\Users\PF\AppData\Local\NVIDIA Corporation
2025-09-28 15:40 - 2024-11-05 19:03 - 000000000 ____D C:\Users\PF\AppData\Roaming\discord
2025-09-28 14:57 - 2025-03-31 20:00 - 000000000 ____D C:\Users\PF\AppData\Local\Discord
2025-09-28 14:56 - 2024-11-05 19:03 - 000002228 _____ C:\Users\PF\Desktop\Discord.lnk
2025-09-27 09:02 - 2024-11-05 19:16 - 000000000 ____D C:\Games
2025-09-27 09:02 - 2024-11-05 19:15 - 000000000 ____D C:\Users\PF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2025-09-26 16:42 - 2025-02-14 20:03 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Files in the root of some directories ========
2023-12-14 20:14 - 2023-12-14 20:14 - 000000272 _____ () C:\ProgramData\fontcacheev1.dat
2025-05-20 18:10 - 2025-05-20 18:10 - 000001536 _____ () C:\Users\PF\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2025
Ran by PF (24-10-2025 20:48:07)
Running from C:\Users\PF\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.6899 (X64) (2025-02-15 06:56:46)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4128302332-195506509-195615000-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4128302332-195506509-195615000-503 - Limited - Disabled)
Guest (S-1-5-21-4128302332-195506509-195615000-501 - Limited - Disabled)
PF (S-1-5-21-4128302332-195506509-195615000-1001 - Administrator - Enabled) => C:\Users\PF
WDAGUtilityAccount (S-1-5-21-4128302332-195506509-195615000-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_2) (Version: 24.2.0.315 - Adobe Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.)
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.32 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.28.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{f738e81d-6f36-4eae-83b9-c4a2d7d7a868}) (Version: 6.06.11.2153 - Advanced Micro Devices, Inc.) Hidden
AniMe Matrix MB EN (HKLM\...\{399B6DA7-B609-426E-95F8-B9A83FB7D06E}) (Version: 1.0.1 - ASUS)
ANT Drivers Installer x64 (HKLM\...\{69444F98-CC1E-4795-8F8A-60BE6AF51F0F}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.9.14 - ASUS)
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{aaf11245-1248-47ad-9203-e7573aa8e596}) (Version: 1.3.3.1 - ASUSTek COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM\...\{49D5558A-B837-4930-AB87-8855AEF52283}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS Ambient HAL (HKLM-x32\...\{8d854dcd-ab31-4eb2-af67-e1f77a71c262}) (Version: 3.4.0.0 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{49c4358d-054e-4cf1-9ec1-dca3487f304a}) (Version: 1.1.0.20 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{359B9A9D-A289-4962-BCE2-13EBFD50D532}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{2d085e57-a3d6-425f-a8d9-493bfb3649c4}) (Version: 1.5.0.1 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.46 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{20fc0fa3-6bf2-47fd-8cc7-09088f59b129}) (Version: 0.0.7.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS Framework Service (HKLM-x32\...\{339A6383-7862-46DA-8A9D-E84180EF9424}) (Version: 4.2.0.4 - ASUSTeK Computer Inc.)
ASUS Motherboard (HKLM-x32\...\{93795eb8-bd86-4d4d-ab27-ff80f9467b37}) (Version: 4.02.32 - ASUSTek Computer Inc.)
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.141 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{B6B3BA9B-2FA3-4B3A-9C3A-0945B89E725C}) (Version: 1.1.27 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{9983b059-3dd9-449a-80e6-bcb45c840bdf}) (Version: 1.1.27 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.44 - ASUSTek COMPUTER INC.)
AURA Service (HKLM-x32\...\{56EEEF7D-0AE3-401A-898B-581719D005AE}) (Version: 3.07.54 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{5a78a7d3-44e9-4462-8796-3746f1c62cb8}) (Version: 3.07.54 - ASUSTeK Computer Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.14 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 27.0.41.194 - Bitdefender)
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
Discord (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Discord) (Version: 1.0.9187 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{46a2a5f2-1607-498b-b6a3-194f88547c16}) (Version: 1.1.52.0 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0d380ad9-daa5-4680-ada2-dc3ed9207e16}) (Version: 1.0.13.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{E81CA011-E9A8-42B8-A4C0-11F66BE56D6C}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
GameSDK Service (HKLM-x32\...\{021d69c3-d686-4a94-8fb5-fd1ee782fb14}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.)
GameSDK Service (HKLM-x32\...\{7160DA8D-3F25-4F6E-ABC8-F693551D82FA}) (Version: 1.0.5.0 - ASUSTek COMPUTER INC.) Hidden
Garmin Express (HKLM-x32\...\{12CACC17-D22C-4653-8311-2124C9941D24}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{a4c38753-e8fc-4f0a-bdfe-91860a26bcf9}) (Version: 7.26.0.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.38-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.108 - Google LLC)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{afab10dc-c1d5-45c1-ad91-fe33af8ac488}) (Version: 1.1.36 - KINGSTON COMPONENTS INC.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{60e762c3-a30e-4a24-ac32-35fc9aa84805}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.4.1.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.1.215 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Microsoft .NET Host - 6.0.16 (x64) (HKLM\...\{1D0AC7F1-2B34-44AF-91F6-88757D768DA7}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.16 (x64) (HKLM\...\{B8537ACA-B210-4DF5-B928-E41CEB76723D}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM\...\{C71E93D2-B8B4-4858-B2A1-4C967DBC1C5F}) (Version: 48.67.58427 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.16 (x64) (HKLM-x32\...\{2a8d0f2b-911b-4b58-8252-46b29e7a4590}) (Version: 6.0.16.32323 - Microsoft Corporation)
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\OneDriveSetup.exe) (Version: 25.184.0921.0004 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.25702 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
NVIDIA App 11.0.5.245 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.245 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paradox Launcher v2 (HKLM\...\{037127A0-71F6-4225-8051-C864AC4B66EF}) (Version: 2.4.0 - Paradox Interactive) Hidden
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{08b7d3d2-192e-4a0a-a849-23bc8881dfb7}) (Version: 1.0.0.0 - Paradox Interactive)
Paradox Launcher v2 (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\{fbc6fc79-66e8-4119-8274-8b19b2b06859}) (Version: 1.0.0.0 - Paradox Interactive)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{55993b50-5bec-47c8-8b2b-1aecad927e48}) (Version: 1.0.9.8 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PCM Fast Editor (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\b4e96ac10814a05a) (Version: 3.6.0.0 - PCM Fast Editor)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9448.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.19.0704.2024 - Realtek)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.100.2288_S01_RC6 - Rockstar Games)
Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.18 - Rockstar Games)
ROG FAN XPERT 4 (HKLM-x32\...\{2dfe216d-3481-4684-ad4d-2566bd7cfe4f}) (Version: 4.02.04 - ASUSTek Computer Inc.)
ROG Live Service (HKLM\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 2.4.26.0 - ASUSTek COMPUTER INC.)
ROGFontInstaller (HKLM\...\{605108C1-153E-43D8-8A67-7CE326B00ECA}) (Version: 1.0.0 - ASUS)
Sid Meiers Civilization VI (HKLM-x32\...\Sid Meiers Civilization VI_is1) (Version: 0.0.0 - DODI-Repacks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.7 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{9a732423-e2f4-47d0-87ab-ef745c7dba69}) (Version: 1.0.0.7 - PD) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VGA (HKLM-x32\...\{0f87ebb7-aabb-43e5-9c5d-28744f517468}) (Version: 3.01.05 - ASUSTek Computer Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\Wargaming.net Game Center) (Version: 25.4.0.7 - Wargaming.net)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WeMod (HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\WeMod) (Version: 11.6.0 - WeMod)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.0.0 - Pierre-e Gougelet)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-13] ()
Armoury Crate -> C:\Program Files\ASUS\AacAmbientHal [2024-09-06] (Sparse Package)
Armoury Crate -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_6.3.4.0_x64__qmba6cd70vzyy [2025-09-13] (ASUSTeK COMPUTER INC.)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-15] (Microsoft Windows)
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-10-24] (Bitdefender)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.15.0_x64__t5j2fzbtdg37r [2024-09-06] (DTS, Inc.)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-10-18] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.40.287.0_x64__dt26b99r8h8gj [2025-01-12] (Realtek Semiconductor Corp)
WinRAR -> C:\Program Files\WinRAR [2024-09-26] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\PF\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4128302332-195506509-195615000-1001_Classes\CLSID\{e8f730f9-11df-438b-8df9-9fc76d2ca62d}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9d15b9aa9e1c885b\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-01-11] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-18] (Malwarebytes Inc -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-09-06 10:54 - 2024-07-03 16:49 - 000346112 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\@img\sharp-win32-ia32\lib\sharp-win32-ia32.node
2024-09-06 10:54 - 2024-08-13 15:58 - 000449536 _____ () [File not signed] \\?\C:\Program Files (x86)\ASUS\ArmouryDevice\resources\app.asar.unpacked\node_modules\ac_node_addon\build\Release\ac_node_addon.node
2025-04-01 15:31 - 2025-09-28 19:33 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4128302332-195506509-195615000-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PF\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\6249864642006272456\134057928911189025.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4128302332-195506509-195615000-1001\...\StartupApproved\Run: => "GarminExpress"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D6C36929-F6FE-4252-87D1-DC3A5115D97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{984C40A3-75D6-43A7-ABBC-BB27827AAE5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance2\Bin\Win64MasterMasterSteamPGO\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E3C17DF8-6069-4230-B13F-0A1E763FD21F}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{A632772F-EDDF-4C3C-858C-749CA7AA4D78}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D6FD6E02-54E3-478A-88C2-D1309317A41C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{25887152-856E-4EF8-8E79-66C17895A311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{57EB2D09-5971-482C-A75F-D4C792E81F39}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{1979123E-73FB-422E-9F6A-AA041872C45D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK COMPUTER INC. -> ASUS)
FirewallRules: [{3E8E29E5-6BF4-4126-B22C-257B5AFC380B}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2E1F4C58-6882-4B5F-A1F2-1234700D37F5}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7373F272-6585-470E-B716-D4D66EBD9A33}] => (Allow) C:\Program Files\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [{0635BD4C-B5AB-48F5-BF1C-9DB5D0371D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D63D66F8-E131-4062-8EE0-A3786EBFCA0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Manor Lords\ManorLords.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{71D96FD8-CB2C-435A-BE13-EEFC9E453EF0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A1B2571-B421-415A-954E-F0B792F0FB53}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{82D5AFBA-9C57-44CE-B22F-C454BB5D09B8}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D90BB98D-CF6B-42BC-B97F-05B3E1826EC2}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{CDDDA608-5EDB-4220-AA7B-62621774671F}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [TCP Query User{FDB85482-3AF6-49E1-BBAB-6DD5B2E69774}C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe] => (Allow) C:\program files (x86)\mediamonkey 5\mediamonkeyengine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{67B70CD6-CF5B-426F-824F-A1DB479D8B97}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{031134FE-A485-4CF5-8DA9-6F0E28CE290C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2023\PCM64.exe (Cyanide SAS -> Cyanide)
FirewallRules: [{2F62165E-6E64-4EAE-8749-1972D05C1456}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{2E710ACC-7D45-4FE4-8C57-AADD9F34DE9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Medieval Dynasty\Medieval_Dynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{504C5E70-6E32-48FC-948A-5D66355953BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{D85B7E60-5437-4359-84ED-5B72E1AC6BD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Panzer Corps 2\Launcher.exe (Slitherine Software UK Ltd. -> Slitherine Ltd.)
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{5CC3E867-12F5-429B-B330-49DF70DDC263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{AA65E7D4-14EA-4B51-8C27-E367C4C9E6A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Eastside Hockey Manager\ehm.exe (Sports Interactive) [File not signed]
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{2BAFB6C1-6E19-4A05-881D-384BA9942971}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{14C17243-D203-48F2-854F-D0DD48A78A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{11EE5557-9081-41DB-A5CB-23489462EEF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C38C8582-3677-4065-8E88-3E1575C4FF4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4DE163A8-DD86-4E0B-AAB1-E60FA0044BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{DD8F66DF-52CF-42F2-968F-3D87A907D5C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{5DDF0042-3BD7-4132-8DAC-7B8DA641F7B9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5A60B0A1-F1F7-453E-BF1B-8892DF04A0DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C91FCBCB-B0A4-4D06-B7CF-86425C79DFB2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{50367795-FC51-42F5-94CC-2CDF3249C474}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B1A76D68-6BE5-4FE4-AF61-C0C0AA9E3EF8}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{D758CF11-C373-4CAC-B584-BCA849FBBBEE}] => (Allow) C:\Users\PF\AppData\Local\Packages\B9ECED6F.ArmouryCrate_qmba6cd70vzyy\LocalState\GridUpdateFile\ASUSGCDriverUpdateClient.exe (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
FirewallRules: [{EA991BF6-88A3-4AB8-8A40-233B8BC6BECE}] => (Allow) C:\program files\asus\aacambienthal\aacambientlighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [{A504A328-C504-4703-A478-4C21312922BB}] => (Allow) C:\Program Files\ASUS\AacAmbientHal\AacAmbientLighting.exe (ASUSTeK COMPUTER INC. -> )
FirewallRules: [TCP Query User{53384861-CD30-4DB7-BCE8-FE1FCF92B7FD}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{7F44CEFA-9551-4D75-83B9-7A976EB18313}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{F1C86033-95EA-4CF5-8086-A42877815B66}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [UDP Query User{D0EDC899-FD22-4A8D-944A-1FF03936408D}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [{55B5F319-97E4-41B6-80F7-B5614A3668BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{315A2CD0-05E0-4A06-8EE1-3E609F32B2BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sengoku Dynasty\SengokuDynasty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{D9FB20ED-E6F1-4D4E-8826-0F36B195F847}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{90B7D90F-5D2B-41D6-A3FE-AFB43C8ABEBE}C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sengoku dynasty\sengokudynasty\binaries\win64\sengokudynasty-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{FA9A8370-F1E2-47F4-97FA-28E57CB2D378}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{2116A10C-56BD-4847-A9A3-F521110E83E1}C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) C:\program files (x86)\dodi-repacks\sid meiers civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [File not signed]
FirewallRules: [TCP Query User{F57A0A10-F406-467D-83F9-75E59DA11637}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [UDP Query User{C1DAD7DF-A6A6-4685-BA56-AC3ADA606D0F}C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-11.6.0\wemod.exe (WeMod LLC -> WeMod)
FirewallRules: [{775A3C8E-BB46-4F34-BB06-2078B1AB2E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{7E256304-8929-487E-B0C3-C443AFD5966D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Franchise Hockey Manager 11\fhm11.exe (Out of the Park Developments GmbH -> Out of the Park Developments)
FirewallRules: [{1421A975-47C7-4333-991F-2083FBAA936F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
18-10-2025 19:25:52 Windows Update
21-10-2025 19:53:15 Windows Update
21-10-2025 19:53:15 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/24/2025 08:35:24 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (10/24/2025 08:34:18 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-KGQ0GUC)
Description: Název chybující aplikace: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Název chybujícího modulu: ArmourySocketServer.exe, verze: 0.1.20.18, časové razítko: 0x6721a440
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000001201d1
ID chybujícího procesu: 0x2854
Čas spuštění chybující aplikace: 0x1dc44bf4274e44f
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
ID sestavy: a73ee7cd-915c-4717-abce-959eb4ced154
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 09:18:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (10/23/2025 10:58:23 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
System errors:
=============
Error: (10/24/2025 08:34:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/24/2025 08:34:20 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19580.1000.2_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2025 09:02:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/22/2025 07:55:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.
Error: (10/21/2025 09:07:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/21/2025 07:53:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/19/2025 01:00:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KGQ0GUC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2025-10-24 20:37:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdamsi\dlls_267059357120000000\antimalware_provider64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1811 10/07/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B650M-E
Processor: AMD Ryzen 5 7600 6-Core Processor
Percentage of memory in use: 29%
Total physical RAM: 31962.62 MB
Available physical RAM: 22531.76 MB
Total Virtual: 36570.62 MB
Available Virtual: 20695.99 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.7 GB) (Free:281.85 GB) (Model: Lexar SSD NM710 1TB) NTFS
\\?\Volume{8e9a52dd-c2b3-4862-921b-c6575b6bb6fc}\ () (Fixed) (Total:0.7 GB) (Free:0.08 GB) NTFS
\\?\Volume{ba5fbc33-b5dd-4468-b9fb-349269ef43b8}\ (Bitdefender Virtual Disk) (Fixed) (Total:0.03 GB) (Free:0.02 GB) NTFS
\\?\Volume{66ea86f7-c1d4-448b-add0-88414f6b20cc}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 32 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Děkuji
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Kontrola logu
- Přílohy
-
- Snímek obrazovky 2025-10-24 204402.png (35.99 KiB) Zobrazeno 465 x
-
Rudy
- Site Admin
- Příspěvky: 119610
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Zdravím!
Jaký antivir vám toto hlásí? Myslím, že je to nějaký nesmysl. Viz: https://support-microsoft-com.translate ... _tr_pto=sc .
Jaký antivir vám toto hlásí? Myslím, že je to nějaký nesmysl. Viz: https://support-microsoft-com.translate ... _tr_pto=sc .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Je tam antivir Bitdefender.
A dnes po zapnutí PC to hlásí znovu.
A dnes po zapnutí PC to hlásí znovu.
-
Rudy
- Site Admin
- Příspěvky: 119610
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Podle mne je to nějaká ptákovina, nicméně můžeme provést vyčištění. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\PF\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-10-2025
Ran by PF (25-10-2025 12:17:16) Run:2
Running from C:\Users\PF\Downloads
Loaded Profiles: PF
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F55514BD-254E-4EEE-8229-56D891B70C0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55514BD-254E-4EEE-8229-56D891B70C0B}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1733851398 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1733851398" => removed successfully
cpuz158 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\IOMap64.sys-old => ":BDU" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87A85880-791D-4BF4-8516-AEF910AB4FA0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45EA564F-0DA0-487B-B4D3-5441E59E8A48}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1451EE0-39B2-4632-9910-1825DFDFB24A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A16D8DB-D1BD-4796-BA68-63CCD972825C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CBA6787-97AA-4F8A-88BA-952FFA88B545}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9495574 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 846947695 B
Windows/system/drivers => 1526624 B
Edge => 0 B
Chrome => 90362719 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4054 B
NetworkService => 4054 B
PF => 2292568 B
RecycleBin => 0 B
EmptyTemp: => 907.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-10-2025 12:18:08)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully
==== End of Fixlog 12:18:08 ====
Ran by PF (25-10-2025 12:17:16) Run:2
Running from C:\Users\PF\Downloads
Loaded Profiles: PF
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F55514BD-254E-4EEE-8229-56D891B70C0B} - System32\Tasks\Opera scheduled Autoupdate 1733851398 => C:\Users\PF\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
R3 cpuz158; C:\WINDOWS\temp\cpuz158\cpuz158_x64.sys [44592 2025-10-24] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IOMap64.sys-old:BDU [1]
FirewallRules: [{87A85880-791D-4BF4-8516-AEF910AB4FA0}] => (Allow) C:\Users\PF\AppData\Local\Programs\Opera\opera.exe => No File
FirewallRules: [UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{45EA564F-0DA0-487B-B4D3-5441E59E8A48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{B1451EE0-39B2-4632-9910-1825DFDFB24A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{8A16D8DB-D1BD-4796-BA68-63CCD972825C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{4CBA6787-97AA-4F8A-88BA-952FFA88B545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe] => (Block) C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe => No File
FirewallRules: [TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe => No File
FirewallRules: [TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pf\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe => No File
FirewallRules: [TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
FirewallRules: [UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F55514BD-254E-4EEE-8229-56D891B70C0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55514BD-254E-4EEE-8229-56D891B70C0B}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1733851398 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1733851398" => removed successfully
cpuz158 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\WINDOWS\system32\Drivers\IOMap64.sys-old => ":BDU" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87A85880-791D-4BF4-8516-AEF910AB4FA0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{65E3AF2E-D79F-4763-A3C1-21283DA39061}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{980249A4-00E1-4382-A3D2-5A20CDF625E5}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45EA564F-0DA0-487B-B4D3-5441E59E8A48}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1451EE0-39B2-4632-9910-1825DFDFB24A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A16D8DB-D1BD-4796-BA68-63CCD972825C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CBA6787-97AA-4F8A-88BA-952FFA88B545}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1C8E7410-BA09-4FAC-BFF1-62A76176936E}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8B8EB390-3E45-4042-A96A-F2E6B6A1B739}C:\users\pf\appdata\local\wemod\app-10.16.0\wemod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5FAF7DBC-B815-44B1-B86B-D825F2484C4D}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E8355F29-34A6-49B8-A65C-71D57256E6B1}C:\program files\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{903C969E-C71A-4B4E-9D73-4D1E44500E1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D480083E-69E8-4B41-BB27-D0D48BFADD1E}C:\users\pf\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2C50C7C8-4DBA-4FBC-B38E-BFA81D366788}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{158E490A-B4BA-491C-90D3-36531CE4CC51}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\launchpad\launchpad.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D9133B11-F28A-43DF-BDB9-01B4D1D30D19}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{68FEDBA4-8179-40CC-80B0-E44B88963A6E}C:\users\pf\downloads\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{933EF013-B127-4CEF-BB55-D6BE97B8C3B9}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{576E0718-3876-460E-A990-248C71AD49B5}C:\games\sid.meiers.civilization.vi.v1.0.12.31.all.dlc\game\base\binaries\win64steam\civilizationvi_dx12.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9495574 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 846947695 B
Windows/system/drivers => 1526624 B
Edge => 0 B
Chrome => 90362719 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4054 B
NetworkService => 4054 B
PF => 2292568 B
RecycleBin => 0 B
EmptyTemp: => 907.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-10-2025 12:18:08)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully
==== End of Fixlog 12:18:08 ====
-
Rudy
- Site Admin
- Příspěvky: 119610
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Bohužel antivir tuto hlášku hlásí znovu
- Přílohy
-
- Snímek obrazovky 2025-10-26 075831.png (25.64 KiB) Zobrazeno 397 x
-
Rudy
- Site Admin
- Příspěvky: 119610
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Stále si myslím, že je to celé nějaká ptákovina (www.james008.net patří našemu kolegovi). Přesto vyčistětete prohlížeče těmito utilitami:
1. Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a po něm
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a po něm
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by PF (Administrator) on 26.10.2025 at 14:51:20,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\Users\PF\AppData\Local\out of the park developments (Folder)
Successfully deleted: C:\Users\PF\AppData\Roaming\out of the park developments (Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2025 at 14:53:56,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by PF (Administrator) on 26.10.2025 at 14:51:20,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 2
Successfully deleted: C:\Users\PF\AppData\Local\out of the park developments (Folder)
Successfully deleted: C:\Users\PF\AppData\Roaming\out of the park developments (Folder)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.10.2025 at 14:53:56,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Přílohy
-
- zoek-results.rar
- (44.28 KiB) Staženo 9 x
-
Rudy
- Site Admin
- Příspěvky: 119610
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Kontrola logu
Utility smazaly co měly. Nastala nyní změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Kontrola logu
Žádna změna. Zkusím si vyhledat co s tím. Asi máte pravdu,že je to nějaka blbůstka,
Re: Kontrola logu
Akvyskakuje iba jame008, tak ho daj do vynimiek
Ak vyskakuje este nieco vloz obrazok
Ak vyskakuje este nieco vloz obrazok
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kontrola logu
jen james008.net
Přispějete na provoz fóra?