Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prevence

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1264
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Prevence

#1 Příspěvek od PredyP »

Prosim o kontrolu. Děkuji :worship:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2026
Ran by prede (administrator) on PETR-889BKJ4 (MSI MS-7623) (01-03-2026 21:16:50)
Running from C:\Users\prede\Desktop\FRST64.exe
Loaded Profiles: prede & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6937 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe <8>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eServiceHost.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe
(C:\Program Files\WindowsApps\Microsoft.GamingServices_34.110.25001.0_x64__8wekyb3d8bbwe\gamingservices.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\xgamehelper.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\26.017.0126.0002\OneDrive.Sync.Service.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Windows (R) Win 7 DDK provider) C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6548260a81e093a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [285616 2025-11-27] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5760152 2026-01-21] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41732568 2026-02-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\OneDrive.Sync.Service.exe [957800 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45988576 2025-08-14] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\Run: [MicrosoftEdgeAutoLaunch_8D8358F69C65887A7652BC79253FD377] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4342352 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [224768 2025-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4745616 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG2200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB6.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2200 series: C:\Windows\system32\CNMLMB6.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D0ACDA24-2A3F-4BBC-9B10-6478510F41F9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1612800 2026-01-23] (Adobe Inc. -> Adobe Inc.)
Task: {2FE60F05-075C-42CB-A836-02024A764E26} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-08-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {FE5D9F56-C03C-4D41-B674-B14533AA9D5D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-08-14] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "19ebd387-b337-48e1-aa59-40943dc1862e" --version "6.39.0.11548" --silent
Task: {C9733612-1F13-4F77-A472-9E65AA8274CF} - System32\Tasks\CCleanerSkipUAC - prede => C:\Program Files\CCleaner\CCleaner.exe [39822560 2025-08-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {71237F3E-6FCE-480E-955D-67206F154629} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16258944 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C045B332-7552-476C-B7D4-3DC392328526} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28625808 2026-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D40A5554-B69D-4BA3-A6D4-7EB90E5D103B} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [73560 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A912B5B-36ED-4EAA-A739-F798239C9D4D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28625808 2026-02-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {237C4B53-6028-4166-8503-27212B5E9D62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310128 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0097E831-ADD4-4C73-92E2-E616121E0E1C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310128 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {42444CE6-FD16-49A0-8EB9-06E76310D435} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1346840 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3E5CFAE-8E05-4AEA-BF96-095D9AC4635D} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16258944 2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {4531E3C1-747A-405B-95DB-C89BE84AE727} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3324528 2025-10-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F594775-B3A7-4161-9281-BD52BD64C7A6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D62B624-DA8A-487D-BCE7-A21931AF3FBD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2179922001-838655488-4161023053-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4393320 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {92A8B0CF-5BAD-4A32-BEF7-4455A64C1D3C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2179922001-838655488-4161023053-1001 => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\OneDriveLauncher.exe [746384 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{0198a5ad-70cd-46c8-af09-cc06047ce8be}: [DhcpNameServer] 85.132.179.206 188.75.176.2

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2026-02-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default [2026-03-01]
Error reading preferences. Please check "Secure Preferences" file for possible corruption. <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-04-12] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-12] [UpdateUrl:0] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\ControlSet001\Services\vdrv1000 => C:\Windows\System32\drivers\vdrv1000.sys [226080 2012-12-06] (H und H Software GmbH -> H+H Software GmbH) <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [180216 2026-01-23] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-08-14] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13235088 2026-02-14] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [770528 2025-02-12] (ESET, spol. s r.o. -> ESET)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5543856 2025-11-27] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4980040 2025-11-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4980040 2025-11-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncHelper.exe [3618152 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
R3 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [302504 2026-02-11] (Microsoft Corporation -> Windows (R) Win 7 DDK provider)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6548260a81e093a0\Display.NvContainer\NVDisplay.Container.exe [1275624 2026-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\26.017.0126.0002\OneDriveUpdaterService.exe [3912552 2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803080 2025-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [26113384 2026-02-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [193912 2025-02-28] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [127320 2025-02-28] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [232928 2025-11-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [139904 2025-11-04] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [17840 2025-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [273768 2025-11-04] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57368 2025-11-04] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [86800 2025-11-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [126552 2025-11-04] (ESET, spol. s r.o. -> ESET)
R3 vcd10bus; C:\Windows\System32\drivers\vcd10bus.sys [40464 2008-06-17] (H und H Software GmbH -> H+H Software GmbH)
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [157256 2025-02-12] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
S5 vdrv1000; C:\Windows\System32\Drivers\vdrv1000.sys [226080 2012-12-06] (H und H Software GmbH -> H+H Software GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S5 vdrv1000; <==== ATTENTION: Locked Service

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-03-01 21:16 - 2026-03-01 21:17 - 000018212 _____ C:\Users\prede\Desktop\FRST.txt
2026-03-01 21:13 - 2026-03-01 21:17 - 000000000 ____D C:\FRST
2026-03-01 21:13 - 2026-03-01 21:13 - 002445312 _____ (Farbar) C:\Users\prede\Desktop\FRST64.exe
2026-03-01 09:09 - 2026-03-01 09:09 - 000000000 ____D C:\Program Files\Microsoft GameInput
2026-03-01 09:08 - 2026-03-01 09:07 - 000452984 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_d.dll.0
2026-02-26 15:37 - 2026-03-01 21:10 - 000000000 ____D C:\XboxGames
2026-02-26 15:37 - 2026-02-26 15:37 - 000000028 ____H C:\.GamingRoot
2026-02-26 15:37 - 2026-02-26 15:36 - 000878968 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll.0
2026-02-24 19:13 - 2026-02-24 19:13 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host.002
2026-02-24 19:13 - 2026-02-24 19:13 - 000000000 ____D C:\Users\TEMP.Font Driver Host.002
2026-02-22 12:41 - 2026-02-22 12:41 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2026-02-16 19:28 - 2026-02-16 19:28 - 000000000 ____D C:\Windows\LastGood.Tmp
2026-01-31 08:31 - 2026-01-21 11:37 - 002402704 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2026-01-31 08:31 - 2026-01-21 11:37 - 002402704 _____ C:\Windows\system32\vulkaninfo.exe
2026-01-31 08:31 - 2026-01-21 11:37 - 001908104 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2026-01-31 08:31 - 2026-01-21 11:37 - 001908104 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2026-01-31 08:31 - 2026-01-21 11:37 - 001581968 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2026-01-31 08:31 - 2026-01-21 11:37 - 001581968 _____ C:\Windows\system32\vulkan-1.dll
2026-01-31 08:31 - 2026-01-21 11:37 - 001395592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2026-01-31 08:31 - 2026-01-21 11:37 - 001395592 _____ C:\Windows\SysWOW64\vulkan-1.dll
2026-01-31 08:31 - 2026-01-21 11:37 - 000478440 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2026-01-31 08:31 - 2026-01-21 11:37 - 000375016 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2026-01-31 08:31 - 2026-01-21 11:33 - 001572584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2026-01-31 08:31 - 2026-01-21 11:33 - 001322216 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2026-01-31 08:31 - 2026-01-21 11:33 - 001223400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2026-01-31 08:31 - 2026-01-21 11:33 - 000675048 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2026-01-31 08:31 - 2026-01-21 11:33 - 000509160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2026-01-31 08:31 - 2026-01-21 11:32 - 026358504 _____ C:\Windows\system32\nvidia-pcc.exe
2026-01-31 08:31 - 2026-01-21 11:32 - 002317544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2026-01-31 08:31 - 2026-01-21 11:32 - 001715944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2026-01-31 08:31 - 2026-01-21 11:32 - 001612520 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2026-01-31 08:31 - 2026-01-21 11:32 - 000468712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2026-01-31 08:31 - 2026-01-21 11:31 - 024676584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2026-01-31 08:31 - 2026-01-21 11:31 - 021714152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2026-01-31 08:31 - 2026-01-21 11:31 - 007683304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2026-01-31 08:31 - 2026-01-21 11:31 - 005918952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2026-01-31 08:31 - 2026-01-21 11:31 - 005469928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2026-01-31 08:31 - 2026-01-21 11:31 - 004175080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2026-01-31 08:31 - 2026-01-21 11:30 - 005627096 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2026-01-31 08:31 - 2026-01-21 11:30 - 004925184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2026-01-31 08:30 - 2026-01-21 11:31 - 000853736 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2026-01-31 08:30 - 2026-01-20 17:41 - 000149117 _____ C:\Windows\system32\nvinfo.pb
2026-01-31 08:27 - 2026-01-31 08:27 - 000000000 ____D C:\Users\UMFD-0.Font Driver Host.001
2026-01-31 08:27 - 2026-01-31 08:27 - 000000000 ____D C:\Users\TEMP.Font Driver Host.001

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-03-01 21:17 - 2025-04-12 09:52 - 000000000 ____D C:\Program Files (x86)\Steam
2026-03-01 21:11 - 2025-07-06 06:54 - 000000000 ____D C:\Users\prede\AppData\Local\CrashDumps
2026-03-01 21:10 - 2025-04-12 08:25 - 000000000 ____D C:\Users\prede\AppData\Local\Packages
2026-03-01 21:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2026-03-01 21:10 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2026-03-01 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-03-01 20:55 - 2026-01-15 17:41 - 000003384 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2026-03-01 20:55 - 2026-01-15 17:41 - 000000670 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2026-03-01 20:55 - 2025-08-02 12:06 - 000000000 ____D C:\Program Files\CCleaner
2026-03-01 20:54 - 2025-04-12 07:56 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-03-01 15:59 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2026-03-01 09:31 - 2025-04-12 08:25 - 000000000 ____D C:\ProgramData\Packages
2026-03-01 09:08 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2026-03-01 08:18 - 2025-04-12 07:57 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2026-03-01 08:11 - 2025-04-12 07:57 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2026-03-01 08:11 - 2025-04-12 07:57 - 000003514 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2026-02-26 20:18 - 2025-08-02 12:28 - 000000000 ____D C:\ProgramData\NVIDIA
2026-02-26 15:58 - 2025-04-12 08:10 - 001771612 _____ C:\Windows\system32\PerfStringBackup.INI
2026-02-26 15:58 - 2019-12-07 15:43 - 000747592 _____ C:\Windows\system32\perfh005.dat
2026-02-26 15:58 - 2019-12-07 15:43 - 000154930 _____ C:\Windows\system32\perfc005.dat
2026-02-26 15:54 - 2025-04-13 13:39 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2026-02-26 15:54 - 2025-04-12 09:55 - 000000000 ____D C:\Program Files\TeamViewer
2026-02-26 15:54 - 2025-04-12 07:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-02-26 15:54 - 2024-12-14 18:51 - 000008192 ___SH C:\DumpStack.log.tmp
2026-02-26 15:54 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2026-02-26 15:37 - 2025-04-12 19:12 - 000000000 ____D C:\Users\prede\AppData\Local\PlaceholderTileLogoFolder
2026-02-26 14:51 - 2025-04-13 13:39 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2179922001-838655488-4161023053-1001
2026-02-26 14:51 - 2025-04-12 12:04 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2026-02-26 14:51 - 2025-04-12 12:04 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2026-02-26 14:51 - 2025-04-12 10:21 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2026-02-26 14:51 - 2025-04-12 08:28 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2179922001-838655488-4161023053-1001
2026-02-23 19:20 - 2025-04-12 11:53 - 000000000 ____D C:\Program Files\Microsoft Office
2026-02-19 15:35 - 2025-04-12 10:21 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2026-02-17 20:15 - 2025-04-12 09:55 - 000000000 ____D C:\Users\prede\AppData\Local\Steam
2026-02-17 20:14 - 2025-08-02 12:29 - 000000000 ____D C:\Users\prede\AppData\Local\NVIDIA
2026-02-16 19:28 - 2025-08-02 12:28 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2026-02-15 16:58 - 2025-04-12 07:56 - 000440320 _____ C:\Windows\system32\FNTCACHE.DAT
2026-02-15 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2026-02-15 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2026-02-15 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2026-02-15 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2026-02-15 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2026-02-15 16:55 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2026-02-15 16:50 - 2025-04-12 07:59 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2026-02-15 16:35 - 2025-04-12 17:22 - 000000000 ____D C:\ProgramData\Package Cache
2026-02-15 16:16 - 2025-04-12 10:56 - 000000000 ____D C:\Windows\system32\MRT
2026-02-15 16:10 - 2025-04-12 10:56 - 221154392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2026
Ran by prede (01-03-2026 21:18:47)
Running from C:\Users\prede\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.6937 (X64) (2025-04-12 07:06:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2179922001-838655488-4161023053-500 - Administrators - Disabled)
DefaultAccount (S-1-5-21-2179922001-838655488-4161023053-503 - Limited - Disabled)
Guest (S-1-5-21-2179922001-838655488-4161023053-501 - Limited - Disabled)
prede (S-1-5-21-2179922001-838655488-4161023053-1001 - Administrators - Enabled) => C:\Users\prede
WDAGUtilityAccount (S-1-5-21-2179922001-838655488-4161023053-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.21223 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601149}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v7.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.70 - FinalWire Ltd.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.01 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.39 - Piriform)
ESET Secure Data (HKLM\...\{FFD0ED33-BC12-422F-85B2-DB0EA628F253}) (Version: 2.1.8.0 - ESET, spol. s r.o.) Hidden
ESET Security (HKLM\...\{19FDE898-2447-4358-86AD-D7D1926CF8B8}) (Version: 19.0.14.0 - ESET, spol. s r.o.)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.19628.20214 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 145.0.3800.82 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 145.0.3800.82 - Microsoft Corporation) Hidden
Microsoft GameInput (HKLM\...\{9F5D508B-EA43-4FA2-B0B6-8158A389442B}) (Version: 3.2.138.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 26.017.0126.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
NVIDIA App 11.0.5.420 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.5.420 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.11504.36206172 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11504.36206172 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 582.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 582.28 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19628.20214 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.75.4 - TeamViewer)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Packages:
=========
Ace DVD Player -> C:\Program Files\WindowsApps\22858LISAppStudio.AceDVDPlayer_2.6.1.0_x64__jph5be7mh3xc4 [2026-02-15] (LISApp Studio)
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2026-02-23] ()
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-02-23] ()
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-06] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-02-23] ()
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-01] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-01] (Microsoft Corp.)
YouTube Music -> C:\Program Files\WindowsApps\music.youtube.com-5929F88E_1.0.0.0_neutral__vezhnr0wkvrcy [2025-04-13] (music.youtube.com)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2179922001-838655488-4161023053-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2179922001-838655488-4161023053-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2179922001-838655488-4161023053-1001_Classes\CLSID\{6e1f4e4d-65f7-4c83-be2e-9e6683cda268}\localserver32 -> C:\Program Files\ESET\ESET Security\egui.exe (ESET, spol. s r.o. -> ESET)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2025-02-12] (ESET, spol. s r.o. -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2026-02-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\26.017.0126.0002\FileSyncShell64.dll [2026-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_6548260a81e093a0\nvshext.dll [2026-01-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2025-08-02 12:16 - 2025-11-10 20:35 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2026-02-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-02-22] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\sharepoint.com -> hxxps://kbagrafitec-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 85.132.179.206 - 188.75.176.2
Windows Firewall is enabled.

Network Binding:
=============
Pulice: Qualcomm Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.30) -> L1C63x64.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2179922001-838655488-4161023053-1001\Control Panel\Desktop\\Wallpaper -> D:\Petr\Dokumenty\pexels-baskincreativeco-1766838.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 0) (TamperProtectionSource: )
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\StartupApproved\Run: => "Microsoft.Lists"
HKU\S-1-5-21-2179922001-838655488-4161023053-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D6D69D60-D674-42B8-8E1C-12BE34C7FCE8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B5C72208-F6DE-48BF-A70D-121E78704B3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E6E37415-CA38-4D2C-AFB4-2A58E4DF95E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D0C50C1-4F91-4635-BB94-8A3CA4291D1F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{010719F5-278C-455D-8368-66457A692A3B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{03A1F552-DF89-4403-96A0-C7D577047B99}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F7F78D94-98C4-4974-B2C1-8708EFCD629A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{51BE5EDB-07FA-444A-B2C7-3A5D422020BB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2220B5E1-5A9F-4817-B369-DE6D7F182DDA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59292B15-C435-4961-A474-F6DEB2C5EEF1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2F89DDA-9801-41AC-8DFB-AF49301D1BF6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{655A56A3-DB26-44C7-9D97-2ECF7C629448}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{25AF1FEA-22DD-49DA-AC13-58D9A7887871}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FBA1101F-A8B5-43DC-9682-878FE7160A7A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A038F57A-BEC4-4863-A18B-4B737DDDDD6C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F2CC129-3B46-4D0B-999D-FCA190F07379}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D97B267-53A7-45B5-A573-F9F4828411E3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

16-02-2026 18:25:53 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211
16-02-2026 18:26:20 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211
22-02-2026 12:39:58 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211
22-02-2026 12:40:20 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211
23-02-2026 19:21:06 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211
23-02-2026 19:21:27 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (03/01/2026 09:05:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Název chybujícího modulu: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Kód výjimky: 0xc0000005
Posun chyby: 0x0013ef4a
ID chybujícího procesu: 0x4540
Čas spuštění chybující aplikace: 0x01dca9b6b9eb7735
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
ID zprávy: bb532376-9aec-4a6f-9b56-0d31ae03a220
Úplný název chybujícího balíčku: A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m
ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2026 09:04:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Název chybujícího modulu: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Kód výjimky: 0xc0000005
Posun chyby: 0x0013ef4a
ID chybujícího procesu: 0x19bc
Čas spuštění chybující aplikace: 0x01dca9b6a3999721
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
ID zprávy: 7f8faada-36d4-4d7f-9a36-384212f25ae9
Úplný název chybujícího balíčku: A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m
ID aplikace související s chybujícím balíčkem: App

Error: (03/01/2026 12:01:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště 1 (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2026 12:01:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2026 12:01:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Uložiště (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/01/2026 09:13:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Název chybujícího modulu: _Game_UWP_x86.exe, verze: 0.0.0.0, časové razítko: 0x693968ae
Kód výjimky: 0xc0000005
Posun chyby: 0x0013ef4a
ID chybujícího procesu: 0x1128
Čas spuštění chybující aplikace: 0x01dca9534c8eb513
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m\_Game_UWP_x86.exe
ID zprávy: 4939c262-3e95-42d8-8b89-91faaed2d99a
Úplný název chybujícího balíčku: A278AB0D.MarchofEmpires_9.3.0.0_x86__h6adky7gbf63m
ID aplikace související s chybujícím balíčkem: App

Error: (02/26/2026 03:56:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.19041.5794, časové razítko: 0x11bd0919
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.6926, časové razítko: 0x125948eb
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000032da7
ID chybujícího procesu: 0x211c
Čas spuštění chybující aplikace: 0x01dca72fe3958c39
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 9f8845b6-da7e-4ddf-9794-e9e8ca944c17
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/26/2026 03:56:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe, verze: 10.0.19041.5794, časové razítko: 0x11bd0919
Název chybujícího modulu: installservice.dll_unloaded, verze: 10.0.19041.6280, časové razítko: 0xf3a83ec9
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002e5b4
ID chybujícího procesu: 0x211c
Čas spuštění chybující aplikace: 0x01dca72fe3958c39
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: installservice.dll
ID zprávy: 4ba4cc45-3080-45cd-8792-f94e0a77656e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/01/2026 09:13:35 AM) (Source: DCOM) (EventID: 10010) (User: PETR-889BKJ4)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/01/2026 09:08:42 AM) (Source: DCOM) (EventID: 10010) (User: PETR-889BKJ4)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/01/2026 09:08:12 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{D529741A-1BF1-4D1E-9976-35089622E758}

Error: (03/01/2026 09:08:12 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (03/01/2026 09:08:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{506E0B02-79C0-444C-B657-DDB69CD339FF}

Error: (03/01/2026 09:08:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{D529741A-1BF1-4D1E-9976-35089622E758}

Error: (03/01/2026 09:08:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{3E8C9ABE-9226-4609-BF5B-60288A391DEE}

Error: (03/01/2026 09:08:11 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 87 při pokusu o spuštění služby GamingServices s argumenty Není k dispozici za účelem spuštění serveru:
{D529741A-1BF1-4D1E-9976-35089622E758}


CodeIntegrity:
===============
Date: 2026-03-01 21:10:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2026-03-01 19:10:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.3 11/15/2010
Motherboard: MSI 760GM-P33 (MS-7623)
Processor: AMD Phenom(tm) II X6 1055T Processor
Percentage of memory in use: 54%
Total physical RAM: 8191.18 MB
Available physical RAM: 3719.25 MB
Total Virtual: 9471.18 MB
Available Virtual: 3827.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.97 GB) (Free:839.3 GB) (Model: CT1000BX500SSD1 ATA Device) NTFS
Drive d: (Uložiště) (Fixed) (Total:1863.01 GB) (Free:749.14 GB) (Model: ST2000DM001-1ER164 ATA Device) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Uložiště 1) (Fixed) (Total:931.46 GB) (Free:926.15 GB) (Model: ST1000DM003-1SB10C ATA Device) NTFS

\\?\Volume{9b0c9b0c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{d76c7187-0000-0000-0000-80bee8000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: F8F2D247)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D76C7187)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=547 MB) - (Type=27)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9B0C9B0C)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15826
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prevence

#2 Příspěvek od JaRon »

Ahoj,
pouzi fixlist.txt s obsahom:


Start

CloseProcesses:

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

Error reading preferences. Please check "Secure Preferences" file for possible corruption. <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-04-12] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-12] [UpdateUrl:0] <==== ATTENTION

S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S5 vdrv1000; <==== ATTENTION: Locked Service


EmptyTemp:

End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1264
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#3 Příspěvek od PredyP »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-02-2026
Ran by prede (02-03-2026 15:25:32) Run:1
Running from C:\Users\prede\Desktop
Loaded Profiles: prede
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

Error reading preferences. Please check "Secure Preferences" file for possible corruption. <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-04-12] [UpdateUrl:0] <==== ATTENTION
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-12] [UpdateUrl:0] <==== ATTENTION

S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
S5 vdrv1000; <==== ATTENTION: Locked Service


EmptyTemp:

End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\\"fDenyTSConnections"="1" => value restored successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
Error reading preferences. Please check "Secure Preferences" file for possible corruption. <==== ATTENTION => Error: No automatic fix found for this entry.
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-01] [UpdateUrl:0] <==== ATTENTION => Error: No automatic fix found for this entry.
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-04-12] [UpdateUrl:0] <==== ATTENTION => Error: No automatic fix found for this entry.
Edge Extension: (No Name) - C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-12] [UpdateUrl:0] <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\HH10Help.sys => removed successfully
HH10Help.sys => service removed successfully
"HKLM\System\CurrentControlSet\Services\vdrv1000" => removed successfully
vdrv1000 => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8651537 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 520511532 B
Windows/system/drivers => 6582051 B
Edge => 14253044 B
Firefox => 0 B
Opera => 0 B

Local\Temp, Local\*.tmp, LocalLow\Temp, Roaming\Temp, Roaming\*.tmp , IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 94132363 B
systemprofile32 => 0 B
LocalService => 11334 B
NetworkService => 0 B
prede => 7140517 B
DefaultAppPool => 0 B

RecycleBin => 59489 B
EmptyTemp: => 622.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:27:29 ====
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15826
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prevence

#4 Příspěvek od JaRon »

Vycisti este s JRT - bod 2
https://forum.viry.cz/viewtopic.php?p=1 ... e#p1560052
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1264
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#5 Příspěvek od PredyP »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by prede (Administrator) on 02.03.2026 at 19:42:48,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Windows\wininit.ini (File)



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.03.2026 at 19:44:41,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15826
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prevence

#6 Příspěvek od JaRon »

Ak nie su problemy, tak hotovo :James008:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Uživatelský avatar
PredyP
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 1264
Registrován: 24 kvě 2007 21:52
Bydliště: Východ Čech

Re: Prevence

#7 Příspěvek od PredyP »

Moc děkuji :worship: :worship: :worship:
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15826
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prevence

#8 Příspěvek od JaRon »

Rado sa stalo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“