Prosím o kontrolu logu, na PC se nedá pracovat
Napsal: 21 led 2023 14:53
Dorbý den, prosím o kontrolu logu. PC je neskutečně zpomalené. Rozjíždí se velmi dlouho, vypíná se dlouho a když kliknu třeba na prohlížeč, otevírá se velmi dlouho. Aktualizace mi to dělá stále dokola a nejde aktualizovat.
Přikládám log z FRST a také log Addition.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by Luděk (administrator) on DESKTOP-MDPI0UB (Gigabyte Technology Co., Ltd. GA-870A-USB3) (21-01-2023 14:32:25)
Running from C:\Users\Luděk\Desktop
Loaded Profiles: Luděk
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE ->) () [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\94.0.4606.65\opera_autoupdate.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\assistant\assistant_installer.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\94.0.4606.65\opera_crashreporter.exe
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe <2>
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe <2>
(svchost.exe ->) (Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [479232 2014-01-16] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [Opera Browser Assistant] => C:\Users\Luděk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP BA11 Status Monitor: C:\WINDOWS\system32\hpinkstsBA11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 6520 series): C:\WINDOWS\system32\HPDiscoPMBA11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-30] (Google LLC -> Google LLC)
Startup: C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk [2023-01-21]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 6520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH471581W505XR;CONNECTION=NW;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {21D6A383-D9C9-499C-A1D7-74EA2BC7E151} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {3A317811-E71B-4B17-A94B-9C7AAB7693FC} - System32\Tasks\Opera scheduled Autoupdate 1583253510 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-12] (Opera Norway AS -> Opera Software)
Task: {5636E68E-BB34-4B4B-B9BA-A3DF5C9CB00C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {658ADD59-68A2-43AE-92DF-718BB06D244F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "6b0ecaf3-2418-4d46-b829-99fc295db756" --version "6.08.10255" --silent
Task: {73E3E88F-61AF-4C21-8668-C24B2AA30A79} - System32\Tasks\CCleanerSkipUAC - Luděk => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {77BCCDCB-B4B4-461C-BD21-5736D651F60A} - System32\Tasks\Opera scheduled assistant Autoupdate 1583253520 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-12] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Luděk\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7FBA95E5-099B-4641-8452-8D482376E5F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82D9270E-812D-4CAB-88C6-A94DED53BCEE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {8AD88554-63A0-42CF-9F34-3343D30BEB41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {8DE385A3-7D74-41C0-9699-03E0890764FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A38ACD60-65D2-4B25-A5D7-A8E11E43975B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A49CA059-BAF8-4CFC-843A-FBC69EA485DD} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {BBE6AED4-F3CC-4532-BB8C-13BC37399D16} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [1367552 2018-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C8E19F86-A5C3-4D40-B45B-6BE0E2494CE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2A846E3-F6FE-437B-9081-97DBF4CD4751} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {EC7BC4ED-D860-4E92-9ED4-0D029ADE70BE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-04-07] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f481996-2dc3-45c7-8a54-51b444d3aca5}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Luděk\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-15]
Edge Extension: (Ochrana Kaspersky) - C:\Users\Luděk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-10-06]
FireFox:
========
FF DefaultProfile: 9a5fzjqm.default
FF ProfilePath: C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default [2023-01-15]
FF Homepage: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:newtab
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-01] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-01] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default [2023-01-15]
CHR Extension: (Prezentace) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-12]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-01-30]
CHR Extension: (YouTube) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR Extension: (Gmail) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-12]
Opera:
=======
OPR Profile: C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable [2023-01-21]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-29]
OPR Extension: (Opera Wallet) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-09] (ADLICE (ASCOET JULIEN) -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-11-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-01] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2023-01-21] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl19a5ed25; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{99AAD720-ECA6-4755-A1B0-96E8D710F741}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 14:32 - 2023-01-21 14:37 - 000018773 _____ C:\Users\Luděk\Desktop\FRST.txt
2023-01-21 14:29 - 2023-01-21 14:36 - 000000000 ____D C:\FRST
2023-01-21 14:27 - 2023-01-21 14:28 - 002376704 _____ (Farbar) C:\Users\Luděk\Desktop\FRST64.exe
2023-01-21 11:35 - 2023-01-21 11:35 - 000000000 ___HD C:\$WinREAgent
2022-12-31 17:00 - 2022-12-31 17:01 - 000513411 _____ C:\Users\Luděk\Desktop\ratiborice.jpeg
2022-12-31 16:58 - 2022-12-31 16:58 - 000579424 _____ C:\Users\Luděk\Desktop\opocno.jpeg
2022-12-30 18:29 - 2023-01-21 11:30 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2022-12-25 10:05 - 2022-12-25 10:05 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1583253520
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 14:39 - 2021-11-15 20:32 - 000173539 _____ C:\WINDOWS\ZAM.krnl.trace
2023-01-21 14:36 - 2016-03-13 10:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-21 14:23 - 2017-10-26 11:40 - 000000000 ____D C:\Program Files\CCleaner
2023-01-21 12:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-21 11:38 - 2020-09-12 13:45 - 000000000 ____D C:\Users\Luděk
2023-01-21 11:29 - 2020-09-12 14:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 11:29 - 2020-09-12 13:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 11:29 - 2020-09-12 13:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-21 11:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-21 11:08 - 2022-11-08 11:16 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-21 10:50 - 2021-09-20 14:47 - 000000270 __RSH C:\ProgramData\ntuser.pol
2023-01-21 10:37 - 2021-09-20 14:51 - 000000000 ____D C:\Users\Luděk\AppData\Local\Rufus
2023-01-21 10:18 - 2020-06-14 16:29 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-21 10:18 - 2020-06-14 16:29 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-21 10:17 - 2020-09-12 14:20 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1583253510
2023-01-21 10:16 - 2020-03-03 17:38 - 000001461 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-01-20 18:36 - 2022-11-08 11:16 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-20 18:36 - 2020-09-12 14:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-15 11:11 - 2018-08-04 21:53 - 000000000 ____D C:\Users\Luděk\AppData\Local\CrashDumps
2023-01-15 10:28 - 2021-07-31 14:09 - 000000000 ____D C:\Users\Luděk\Documents\Životopis
2023-01-15 10:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-15 10:20 - 2016-03-07 17:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-15 09:40 - 2016-03-07 17:25 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-14 21:08 - 2020-09-12 14:20 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-14 21:05 - 2022-10-19 18:02 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-14 21:05 - 2022-10-19 18:02 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-13 19:00 - 2020-09-12 14:20 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-13 19:00 - 2020-09-12 14:20 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-31 17:00 - 2017-04-13 08:41 - 000000000 ___RD C:\Users\Luděk\Documents\Scanned Documents
2022-12-31 15:55 - 2022-08-09 10:25 - 000032099 _____ C:\Users\Luděk\Desktop\OpenRailsLog.txt
2022-12-31 15:53 - 2016-11-12 14:35 - 000000000 ____D C:\Users\Luděk\AppData\Roaming\Open Rails
2022-12-31 15:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-31 15:11 - 2022-10-11 16:49 - 000000000 ____D C:\OpenRails_CZSK
2022-12-30 18:28 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-30 11:44 - 2022-01-14 17:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2022-12-30 11:44 - 2021-05-15 15:13 - 000002381 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-30 11:44 - 2020-09-12 14:20 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2022-12-30 11:44 - 2019-05-10 16:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-30 11:44 - 2019-05-10 16:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Files in the root of some directories ========
2022-08-09 10:25 - 2022-08-09 10:25 - 000000025 _____ () C:\Users\Luděk\AppData\Roaming\alsoft.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Ran by Luděk (21-01-2023 14:41:33)
Running from C:\Users\Luděk\Desktop
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2020-09-12 13:21:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2413350920-2034389097-1973294252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2413350920-2034389097-1973294252-503 - Limited - Disabled)
Guest (S-1-5-21-2413350920-2034389097-1973294252-501 - Limited - Disabled)
Luděk (S-1-5-21-2413350920-2034389097-1973294252-1001 - Administrator - Enabled) => C:\Users\Luděk
WDAGUtilityAccount (S-1-5-21-2413350920-2034389097-1973294252-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20310 - Adobe)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVI MP4 Converter v6.1 build 1595 (HKLM-x32\...\{7599513E-F863-4189-B9B4-0CE17CAC0733}_is1) (Version: - Hoo Technologies)
BomberFUN V1.02 (HKLM-x32\...\BomberFUN V1.02) (Version: - )
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
ConBuilder (HKLM-x32\...\ConBuilder) (Version: 2.03.0002 - WeiRuan)
CrystalDiskInfo 8.17.8 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.8 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dolní Kounice v2.1 (HKLM-x32\...\{B997EA27-ADE2-47BC-B4A9-A9187FD8A49E}) (Version: 2.1 - Dyk, Vačice, Bajou)
Epic Privacy Browser (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Epic Privacy Browser) (Version: 80.0.3987.87 - Epic)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.4.0.0 - GIANTS Software)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Gaming Keyboard Driver (HKLM-x32\...\{4860EC50-3BEE-4AD4-9A52-D1D7CF92C592}) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP Deskjet 6520 series Nápověda (HKLM-x32\...\{CB98887B-0D5D-482A-8039-102F60DAA960}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 5.1 Help Pack (Czech) (HKLM\...\{CF75D6E3-00A3-4BB1-815C-0BBB999324CF}) (Version: 5.1.1.3 - The Document Foundation)
LibreOffice 5.1.1.3 (HKLM\...\{407B69E0-F7D7-45E2-AC19-96134B0294A2}) (Version: 5.1.1.3 - The Document Foundation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X64 Additional Runtime - 14.16.27024 (HKLM\...\{9D29FC96-9EEE-4253-943F-96B3BBFDD0B6}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X64 Minimum Runtime - 14.16.27024 (HKLM\...\{F1B0FB3A-E0EA-47A6-9383-3650655403B0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKVToolNix 51.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 51.0.0 - Moritz Bunkus)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Rails 1.4 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.4 - Open Rails Project)
Opera Stable 94.0.4606.65 (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Opera 94.0.4606.65) (Version: 94.0.4606.65 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 15.1.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.3.0 - Adlice Software)
SMPlayer 16.4.0 (x64) (HKLM\...\SMPlayer) (Version: 16.4.0 - Ricardo Villalba)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trať Bratislava-Brno-Praha pro MSTS verze BP95.20-T13OR/21.03.2 (HKLM-x32\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vivaldi (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Vivaldi) (Version: 2.9.1705.41 - Vivaldi Technologies AS.)
Základní software zařízení HP Deskjet 6520 series (HKLM\...\{E0365A88-9BCE-4E15-98C5-21F454C7479F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.233.300.0_x64__kgqvnymyfvs32 [2022-12-29] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-10] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-10] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-16] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2413350920-2034389097-1973294252-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Luděk\AppData\Local\Vivaldi\Application\2.9.1705.41\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-08-28 18:36 - 2014-01-10 15:01 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll
2016-08-28 18:36 - 2014-06-23 08:58 - 000057344 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\lan.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Luděk\Desktop\opocno.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\Luděk\Desktop\opocno.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Luděk\Desktop\ratiborice.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\Luděk\Desktop\ratiborice.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2021-11-15 15:40 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\Control Panel\Desktop\\Wallpaper -> c:\users\luděk\desktop\23405690_10155784424993349_3093559559454387695_o.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7ABA0ABF-410C-4443-BFFD-C3AD37E0E53C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{CDD8E730-DEE0-4241-9E1B-7CDF2EF2A75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{5C6661D2-A8BF-474C-8071-1CA5D81D937D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8315A6EE-10C1-4756-B662-684C7C8C61B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{15F6940B-8956-4508-9026-1635FF597393}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{0587E1A2-CD53-4846-A0ED-932212A520D5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{6769A318-1795-4A62-B2AF-2E4E2DCCF199}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{A4CE6DE5-D5CE-4C63-AC4E-B04EDC316D0E}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{5B4D5438-B92D-4902-A212-D7A6FBD6E979}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{27F63A43-C233-4699-A3DE-D9DA052DC1D8}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{584CC4F1-36B3-4E0B-950D-A6450CE09DF5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{38800719-7A9A-4CF3-8FB0-59FFABD3A30D}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{426C08BD-211C-46D5-AC20-9559816DC8C3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BD95FC3-D0FE-44D6-BD7A-AE0984B6C69A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD64A906-5282-4944-9764-DC8AFD732483}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{241AF613-6422-4F70-BB99-5A269BD7F73F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4C387352-FDC8-4944-BCDD-181FC6FADF22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{48D88520-5094-4192-9F62-0D5E2B037BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{8A2BEFAB-3AF2-4B8F-A1F6-16B877795CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{081441BF-23BF-4705-864B-7AF0FB551E3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{59734E27-FF46-4D5B-AAF7-2140B7053E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{031BADA1-78FC-400D-B655-3C1F577ED47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{78ABEC01-D2C1-4AAA-AE13-92284106D4AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [{1069A213-6C57-4D31-BC22-B3DA47D699D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [TCP Query User{89733AC4-56D4-4C4D-8CB6-2ACF47255A88}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{DCD664F8-6CFB-4F6C-95B2-E67391D95F39}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{1AD45766-C04E-4E05-BEB7-70A3552ED9A7}C:\maszyna_2\aria2c.exe] => (Allow) C:\maszyna_2\aria2c.exe () [File not signed]
FirewallRules: [UDP Query User{175187BB-50A1-41FE-ABA2-1C61894B1066}C:\maszyna_2\aria2c.exe] => (Allow) C:\maszyna_2\aria2c.exe () [File not signed]
FirewallRules: [{A9E0D998-661A-404D-890C-657FF92CB0FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EF27614A-8DB5-4781-8FAA-20E195FB0ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FD11E358-628C-452B-8D2E-78C4F2C0F49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3B9051B5-BF44-4A74-89E7-2341625BA091}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A7B26027-6882-41EF-9CF7-C11DF8120399}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{916F50C1-0986-4A08-9109-1D5AFAA1ACDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D33D6519-64D2-486F-A622-5A4335197CA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D229DC7-3EB8-4ED1-82A2-623FCD47345D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BCFA279-C6BB-49E5-AE43-4AC2EC5DC220}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9B57F1F-A585-460F-B922-BC007DBD3748}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEB9B83-AF74-4DE4-810C-CB884355E95C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{036B8F25-4C87-45DF-A497-71A6BA234BCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B4984E7-7CCD-490E-9E0A-AB3A85A81461}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5E99D23-0CFA-4D14-9C07-4C73CD2ACADB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56A0CFAB-1205-44A0-9737-BB62D73E786E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C4F53E0-037C-4900-88E6-B92B9290C3D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A97D6038-C299-4285-9358-3FC61846AA33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E7652214-B165-43D1-B61C-8253CDE8FBE4}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A93F5D6F-EF6B-40BA-ABBB-C5FE3D3E727F}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{B2AC809F-4080-4CA5-B613-02114F0DF270}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
01-01-2023 10:09:45 Instalační služba modulů systému Windows
02-01-2023 18:54:27 Instalační služba modulů systému Windows
21-01-2023 10:25:00 Instalační služba modulů systému Windows
21-01-2023 11:18:09 Instalační služba modulů systému Windows
21-01-2023 11:36:28 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/21/2023 10:20:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 9350
Čas spuštění: 01d92d76246158fe
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 28e7435c-193c-4f83-989e-5d2b7bbd453f
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (01/21/2023 09:55:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program XboxGameBarSpotify.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: c80
Čas spuštění: 01d92d75ebd4f39d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
ID hlášení: e32220d6-0bf5-430a-ac09-7ffceb4e73e3
Úplný název balíčku s chybou: SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0
ID aplikace relativní podle balíčku s chybou: Widget
Typ zablokování: Cross-thread
Error: (01/15/2023 09:53:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program opera.exe verze 94.0.4606.38 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6f68
Čas spuštění: 01d928bccd45b221
Čas ukončení: 60000
Cesta k aplikaci: C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe
ID hlášení: 45a33d4b-a82a-4e19-9f8d-8d44f1ed3665
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Cross-thread
Error: (01/14/2023 09:18:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1949, časové razítko: 0x17884906
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1949, časové razítko: 0xfe96c48e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063466
ID chybujícího procesu: 0x1c4
Čas spuštění chybující aplikace: 0x01d91eb6d5a05952
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0a6fbdbd-197d-4e5b-befb-04f141ea053d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/01/2023 05:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1949, časové razítko: 0x17884906
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1949, časové razítko: 0xfe96c48e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063466
ID chybujícího procesu: 0x8a4
Čas spuštění chybující aplikace: 0x01d91dc0b59e7108
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 7ac5ea44-7862-4b62-86c0-0d012210f7cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/31/2022 06:29:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2022.30120.12006.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 138
Čas spuštění: 01d91d3d56284513
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30120.12006.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 7cd03b0b-c7d8-4984-8b20-53b8b9a1500d
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2022.30120.12006.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (12/31/2022 04:09:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5d8
Čas spuštění: 01d91d1f1612135e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 901ca01e-1693-452f-bece-ad5e9998ba8a
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (12/31/2022 03:15:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-MDPI0UB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
System errors:
=============
Error: (01/21/2023 11:49:25 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:25 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-01-21 14:40:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Luděk\Desktop\ccsetup563.exe; containerfile:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe->(nsis-instdata); file:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Users\Luděk\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.2497.0, AS: 1.381.2497.0, NIS: 1.381.2497.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-21 09:52:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-20 18:13:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-20 18:13:03
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2022-12-30 12:33:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Luděk\Desktop\ccsetup563.exe; containerfile:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe->(nsis-instdata); file:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1377.0, AS: 1.381.1377.0, NIS: 1.381.1377.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Event[0]:
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:44:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-01-21 12:44:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2023-01-21 11:29:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-12-10 15:10:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F4 03/09/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-870A-USB3
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 81%
Total physical RAM: 4093.55 MB
Available physical RAM: 765.45 MB
Total Virtual: 7037.55 MB
Available Virtual: 2818.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.52 GB) (Free:604.98 GB) (Model: WDC WD10EALX-759BA1 ATA Device) NTFS
\\?\Volume{0008e4fc-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0008e4fc-0000-0000-0000-d0c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008E4FC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================
Přikládám log z FRST a také log Addition.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by Luděk (administrator) on DESKTOP-MDPI0UB (Gigabyte Technology Co., Ltd. GA-870A-USB3) (21-01-2023 14:32:25)
Running from C:\Users\Luděk\Desktop
Loaded Profiles: Luděk
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Gaming Keyboard\Monitor.EXE ->) () [File not signed] C:\Program Files (x86)\Gaming Keyboard\OSD.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\94.0.4606.65\opera_autoupdate.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\assistant\assistant_installer.exe
(C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\94.0.4606.65\opera_crashreporter.exe
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPNetworkCommunicatorCom.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21238.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe <2>
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe <2>
(svchost.exe ->) (Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Gaming Keyboard] => C:\Program Files (x86)\Gaming Keyboard\Monitor.exe [479232 2014-01-16] () [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Run: [Opera Browser Assistant] => C:\Users\Luděk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKLM\...\Print\Monitors\HP BA11 Status Monitor: C:\WINDOWS\system32\hpinkstsBA11LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 6520 series): C:\WINDOWS\system32\HPDiscoPMBA11.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-30] (Google LLC -> Google LLC)
Startup: C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk [2023-01-21]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 6520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=TH471581W505XR;CONNECTION=NW;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {21D6A383-D9C9-499C-A1D7-74EA2BC7E151} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {3A317811-E71B-4B17-A94B-9C7AAB7693FC} - System32\Tasks\Opera scheduled Autoupdate 1583253510 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-12] (Opera Norway AS -> Opera Software)
Task: {5636E68E-BB34-4B4B-B9BA-A3DF5C9CB00C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {658ADD59-68A2-43AE-92DF-718BB06D244F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "6b0ecaf3-2418-4d46-b829-99fc295db756" --version "6.08.10255" --silent
Task: {73E3E88F-61AF-4C21-8668-C24B2AA30A79} - System32\Tasks\CCleanerSkipUAC - Luděk => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {77BCCDCB-B4B4-461C-BD21-5736D651F60A} - System32\Tasks\Opera scheduled assistant Autoupdate 1583253520 => C:\Users\Luděk\AppData\Local\Programs\Opera\launcher.exe [2607560 2023-01-12] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Luděk\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {7FBA95E5-099B-4641-8452-8D482376E5F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82D9270E-812D-4CAB-88C6-A94DED53BCEE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {8AD88554-63A0-42CF-9F34-3343D30BEB41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {8DE385A3-7D74-41C0-9699-03E0890764FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A38ACD60-65D2-4B25-A5D7-A8E11E43975B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A49CA059-BAF8-4CFC-843A-FBC69EA485DD} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {BBE6AED4-F3CC-4532-BB8C-13BC37399D16} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [1367552 2018-05-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {C8E19F86-A5C3-4D40-B45B-6BE0E2494CE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2A846E3-F6FE-437B-9081-97DBF4CD4751} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-10] (Google Inc -> Google LLC)
Task: {EC7BC4ED-D860-4E92-9ED4-0D029ADE70BE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-04-07] (Adobe Inc. -> Adobe)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1f481996-2dc3-45c7-8a54-51b444d3aca5}: [DhcpNameServer] 192.168.2.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Luděk\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-15]
Edge Extension: (Ochrana Kaspersky) - C:\Users\Luděk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-10-06]
FireFox:
========
FF DefaultProfile: 9a5fzjqm.default
FF ProfilePath: C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default [2023-01-15]
FF Homepage: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\9a5fzjqm.default -> about:newtab
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Luděk\AppData\Roaming\Mozilla\Firefox\Profiles\9a5fzjqm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-07]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-04-07] (Adobe Inc. -> )
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-01] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-2413350920-2034389097-1973294252-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Luděk\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2018-04-01] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default [2023-01-15]
CHR Extension: (Prezentace) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-12]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-01-30]
CHR Extension: (YouTube) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR Extension: (Gmail) - C:\Users\Luděk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-12]
Opera:
=======
OPR Profile: C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable [2023-01-21]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-29]
OPR Extension: (Opera Wallet) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Luděk\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-10] (Malwarebytes Inc -> Malwarebytes)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-09] (ADLICE (ASCOET JULIEN) -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-11-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-01] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2023-01-21] (Adlice -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl19a5ed25; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{99AAD720-ECA6-4755-A1B0-96E8D710F741}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 14:32 - 2023-01-21 14:37 - 000018773 _____ C:\Users\Luděk\Desktop\FRST.txt
2023-01-21 14:29 - 2023-01-21 14:36 - 000000000 ____D C:\FRST
2023-01-21 14:27 - 2023-01-21 14:28 - 002376704 _____ (Farbar) C:\Users\Luděk\Desktop\FRST64.exe
2023-01-21 11:35 - 2023-01-21 11:35 - 000000000 ___HD C:\$WinREAgent
2022-12-31 17:00 - 2022-12-31 17:01 - 000513411 _____ C:\Users\Luděk\Desktop\ratiborice.jpeg
2022-12-31 16:58 - 2022-12-31 16:58 - 000579424 _____ C:\Users\Luděk\Desktop\opocno.jpeg
2022-12-30 18:29 - 2023-01-21 11:30 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2022-12-25 10:05 - 2022-12-25 10:05 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1583253520
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 14:39 - 2021-11-15 20:32 - 000173539 _____ C:\WINDOWS\ZAM.krnl.trace
2023-01-21 14:36 - 2016-03-13 10:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-21 14:23 - 2017-10-26 11:40 - 000000000 ____D C:\Program Files\CCleaner
2023-01-21 12:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-21 11:38 - 2020-09-12 13:45 - 000000000 ____D C:\Users\Luděk
2023-01-21 11:29 - 2020-09-12 14:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 11:29 - 2020-09-12 13:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 11:29 - 2020-09-12 13:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-21 11:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-21 11:08 - 2022-11-08 11:16 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-21 10:50 - 2021-09-20 14:47 - 000000270 __RSH C:\ProgramData\ntuser.pol
2023-01-21 10:37 - 2021-09-20 14:51 - 000000000 ____D C:\Users\Luděk\AppData\Local\Rufus
2023-01-21 10:18 - 2020-06-14 16:29 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-21 10:18 - 2020-06-14 16:29 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-21 10:17 - 2020-09-12 14:20 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1583253510
2023-01-21 10:16 - 2020-03-03 17:38 - 000001461 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-01-20 18:36 - 2022-11-08 11:16 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-20 18:36 - 2020-09-12 14:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-15 11:11 - 2018-08-04 21:53 - 000000000 ____D C:\Users\Luděk\AppData\Local\CrashDumps
2023-01-15 10:28 - 2021-07-31 14:09 - 000000000 ____D C:\Users\Luděk\Documents\Životopis
2023-01-15 10:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-15 10:20 - 2016-03-07 17:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-15 09:40 - 2016-03-07 17:25 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-14 21:08 - 2020-09-12 14:20 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-14 21:05 - 2022-10-19 18:02 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-14 21:05 - 2022-10-19 18:02 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-13 19:00 - 2020-09-12 14:20 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-13 19:00 - 2020-09-12 14:20 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-31 17:00 - 2017-04-13 08:41 - 000000000 ___RD C:\Users\Luděk\Documents\Scanned Documents
2022-12-31 15:55 - 2022-08-09 10:25 - 000032099 _____ C:\Users\Luděk\Desktop\OpenRailsLog.txt
2022-12-31 15:53 - 2016-11-12 14:35 - 000000000 ____D C:\Users\Luděk\AppData\Roaming\Open Rails
2022-12-31 15:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-31 15:11 - 2022-10-11 16:49 - 000000000 ____D C:\OpenRails_CZSK
2022-12-30 18:28 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-12-30 11:44 - 2022-01-14 17:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2022-12-30 11:44 - 2021-05-15 15:13 - 000002381 _____ C:\Users\Luděk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-30 11:44 - 2020-09-12 14:20 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2413350920-2034389097-1973294252-1001
2022-12-30 11:44 - 2019-05-10 16:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-30 11:44 - 2019-05-10 16:18 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
==================== Files in the root of some directories ========
2022-08-09 10:25 - 2022-08-09 10:25 - 000000025 _____ () C:\Users\Luděk\AppData\Roaming\alsoft.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Ran by Luděk (21-01-2023 14:41:33)
Running from C:\Users\Luděk\Desktop
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2020-09-12 13:21:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2413350920-2034389097-1973294252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2413350920-2034389097-1973294252-503 - Limited - Disabled)
Guest (S-1-5-21-2413350920-2034389097-1973294252-501 - Limited - Disabled)
Luděk (S-1-5-21-2413350920-2034389097-1973294252-1001 - Administrator - Enabled) => C:\Users\Luděk
WDAGUtilityAccount (S-1-5-21-2413350920-2034389097-1973294252-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 15.13 (x64) (HKLM\...\7-Zip) (Version: 15.13 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20310 - Adobe)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVI MP4 Converter v6.1 build 1595 (HKLM-x32\...\{7599513E-F863-4189-B9B4-0CE17CAC0733}_is1) (Version: - Hoo Technologies)
BomberFUN V1.02 (HKLM-x32\...\BomberFUN V1.02) (Version: - )
Catalyst Control Center - Branding (HKLM-x32\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
ConBuilder (HKLM-x32\...\ConBuilder) (Version: 2.03.0002 - WeiRuan)
CrystalDiskInfo 8.17.8 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.8 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Dolní Kounice v2.1 (HKLM-x32\...\{B997EA27-ADE2-47BC-B4A9-A9187FD8A49E}) (Version: 2.1 - Dyk, Vačice, Bajou)
Epic Privacy Browser (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Epic Privacy Browser) (Version: 80.0.3987.87 - Epic)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.4.0.0 - GIANTS Software)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Gaming Keyboard Driver (HKLM-x32\...\{4860EC50-3BEE-4AD4-9A52-D1D7CF92C592}) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HP Deskjet 6520 series Nápověda (HKLM-x32\...\{CB98887B-0D5D-482A-8039-102F60DAA960}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 5.1 Help Pack (Czech) (HKLM\...\{CF75D6E3-00A3-4BB1-815C-0BBB999324CF}) (Version: 5.1.1.3 - The Document Foundation)
LibreOffice 5.1.1.3 (HKLM\...\{407B69E0-F7D7-45E2-AC19-96134B0294A2}) (Version: 5.1.1.3 - The Document Foundation)
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.55 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.52 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X64 Additional Runtime - 14.16.27024 (HKLM\...\{9D29FC96-9EEE-4253-943F-96B3BBFDD0B6}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X64 Minimum Runtime - 14.16.27024 (HKLM\...\{F1B0FB3A-E0EA-47A6-9383-3650655403B0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MKVToolNix 51.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 51.0.0 - Moritz Bunkus)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Rails 1.4 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: 1.4 - Open Rails Project)
Opera Stable 94.0.4606.65 (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Opera 94.0.4606.65) (Version: 94.0.4606.65 - Opera Software)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 15.1.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.3.0 - Adlice Software)
SMPlayer 16.4.0 (x64) (HKLM\...\SMPlayer) (Version: 16.4.0 - Ricardo Villalba)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trať Bratislava-Brno-Praha pro MSTS verze BP95.20-T13OR/21.03.2 (HKLM-x32\...\Trať Bratislava-Brno-Praha pro MSTS_is1) (Version: - Zbyněk Šemora)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vivaldi (HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\Vivaldi) (Version: 2.9.1705.41 - Vivaldi Technologies AS.)
Základní software zařízení HP Deskjet 6520 series (HKLM\...\{E0365A88-9BCE-4E15-98C5-21F454C7479F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.233.300.0_x64__kgqvnymyfvs32 [2022-12-29] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-10] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-10] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-16] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2413350920-2034389097-1973294252-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> C:\Users\Luděk\AppData\Local\Vivaldi\Application\2.9.1705.41\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-08-28 18:36 - 2014-01-10 15:01 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\hiddriver.dll
2016-08-28 18:36 - 2014-06-23 08:58 - 000057344 _____ () [File not signed] C:\Program Files (x86)\Gaming Keyboard\lan.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 15:43 - 2015-11-04 15:43 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 05:08 - 2014-02-11 05:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Luděk\Desktop\opocno.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\Luděk\Desktop\opocno.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Luděk\Desktop\ratiborice.jpeg:3or4kl4x13tuuug3Byamue2s4b [97]
AlternateDataStreams: C:\Users\Luděk\Desktop\ratiborice.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2021-11-15 15:40 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\Control Panel\Desktop\\Wallpaper -> c:\users\luděk\desktop\23405690_10155784424993349_3093559559454387695_o.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2413350920-2034389097-1973294252-1001\...\StartupApproved\Run: => "Steam"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7ABA0ABF-410C-4443-BFFD-C3AD37E0E53C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{CDD8E730-DEE0-4241-9E1B-7CDF2EF2A75D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{5C6661D2-A8BF-474C-8071-1CA5D81D937D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8315A6EE-10C1-4756-B662-684C7C8C61B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{15F6940B-8956-4508-9026-1635FF597393}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{0587E1A2-CD53-4846-A0ED-932212A520D5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{6769A318-1795-4A62-B2AF-2E4E2DCCF199}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{A4CE6DE5-D5CE-4C63-AC4E-B04EDC316D0E}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Block) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{5B4D5438-B92D-4902-A212-D7A6FBD6E979}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{27F63A43-C233-4699-A3DE-D9DA052DC1D8}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicatorcom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{584CC4F1-36B3-4E0B-950D-A6450CE09DF5}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{38800719-7A9A-4CF3-8FB0-59FFABD3A30D}C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 6520 series\bin\hpnetworkcommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{426C08BD-211C-46D5-AC20-9559816DC8C3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BD95FC3-D0FE-44D6-BD7A-AE0984B6C69A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD64A906-5282-4944-9764-DC8AFD732483}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{241AF613-6422-4F70-BB99-5A269BD7F73F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4C387352-FDC8-4944-BCDD-181FC6FADF22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{48D88520-5094-4192-9F62-0D5E2B037BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{8A2BEFAB-3AF2-4B8F-A1F6-16B877795CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{081441BF-23BF-4705-864B-7AF0FB551E3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{59734E27-FF46-4D5B-AAF7-2140B7053E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{031BADA1-78FC-400D-B655-3C1F577ED47E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{78ABEC01-D2C1-4AAA-AE13-92284106D4AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [{1069A213-6C57-4D31-BC22-B3DA47D699D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OMSI 2\Launcher.exe () [File not signed]
FirewallRules: [TCP Query User{89733AC4-56D4-4C4D-8CB6-2ACF47255A88}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{DCD664F8-6CFB-4F6C-95B2-E67391D95F39}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{1AD45766-C04E-4E05-BEB7-70A3552ED9A7}C:\maszyna_2\aria2c.exe] => (Allow) C:\maszyna_2\aria2c.exe () [File not signed]
FirewallRules: [UDP Query User{175187BB-50A1-41FE-ABA2-1C61894B1066}C:\maszyna_2\aria2c.exe] => (Allow) C:\maszyna_2\aria2c.exe () [File not signed]
FirewallRules: [{A9E0D998-661A-404D-890C-657FF92CB0FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EF27614A-8DB5-4781-8FAA-20E195FB0ED5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FD11E358-628C-452B-8D2E-78C4F2C0F49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3B9051B5-BF44-4A74-89E7-2341625BA091}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{A7B26027-6882-41EF-9CF7-C11DF8120399}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{916F50C1-0986-4A08-9109-1D5AFAA1ACDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D33D6519-64D2-486F-A622-5A4335197CA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D229DC7-3EB8-4ED1-82A2-623FCD47345D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BCFA279-C6BB-49E5-AE43-4AC2EC5DC220}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9B57F1F-A585-460F-B922-BC007DBD3748}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FBEB9B83-AF74-4DE4-810C-CB884355E95C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{036B8F25-4C87-45DF-A497-71A6BA234BCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B4984E7-7CCD-490E-9E0A-AB3A85A81461}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5E99D23-0CFA-4D14-9C07-4C73CD2ACADB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{56A0CFAB-1205-44A0-9737-BB62D73E786E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C4F53E0-037C-4900-88E6-B92B9290C3D1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A97D6038-C299-4285-9358-3FC61846AA33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E7652214-B165-43D1-B61C-8253CDE8FBE4}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A93F5D6F-EF6B-40BA-ABBB-C5FE3D3E727F}C:\users\luděk\appdata\local\programs\opera\opera.exe] => (Block) C:\users\luděk\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{B2AC809F-4080-4CA5-B613-02114F0DF270}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
01-01-2023 10:09:45 Instalační služba modulů systému Windows
02-01-2023 18:54:27 Instalační služba modulů systému Windows
21-01-2023 10:25:00 Instalační služba modulů systému Windows
21-01-2023 11:18:09 Instalační služba modulů systému Windows
21-01-2023 11:36:28 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/21/2023 10:20:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 9350
Čas spuštění: 01d92d76246158fe
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 28e7435c-193c-4f83-989e-5d2b7bbd453f
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (01/21/2023 09:55:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program XboxGameBarSpotify.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: c80
Čas spuštění: 01d92d75ebd4f39d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe
ID hlášení: e32220d6-0bf5-430a-ac09-7ffceb4e73e3
Úplný název balíčku s chybou: SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0
ID aplikace relativní podle balíčku s chybou: Widget
Typ zablokování: Cross-thread
Error: (01/15/2023 09:53:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program opera.exe verze 94.0.4606.38 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 6f68
Čas spuštění: 01d928bccd45b221
Čas ukončení: 60000
Cesta k aplikaci: C:\Users\Luděk\AppData\Local\Programs\Opera\opera.exe
ID hlášení: 45a33d4b-a82a-4e19-9f8d-8d44f1ed3665
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Cross-thread
Error: (01/14/2023 09:18:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1949, časové razítko: 0x17884906
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1949, časové razítko: 0xfe96c48e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063466
ID chybujícího procesu: 0x1c4
Čas spuštění chybující aplikace: 0x01d91eb6d5a05952
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0a6fbdbd-197d-4e5b-befb-04f141ea053d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/01/2023 05:27:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.1949, časové razítko: 0x17884906
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1949, časové razítko: 0xfe96c48e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000063466
ID chybujícího procesu: 0x8a4
Čas spuštění chybující aplikace: 0x01d91dc0b59e7108
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 7ac5ea44-7862-4b62-86c0-0d012210f7cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/31/2022 06:29:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2022.30120.12006.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 138
Čas spuštění: 01d91d3d56284513
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30120.12006.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
ID hlášení: 7cd03b0b-c7d8-4984-8b20-53b8b9a1500d
Úplný název balíčku s chybou: Microsoft.Windows.Photos_2022.30120.12006.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (12/31/2022 04:09:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 5d8
Čas spuštění: 01d91d1f1612135e
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 901ca01e-1693-452f-bece-ad5e9998ba8a
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: ShellFeedsUI
Typ zablokování: Quiesce
Error: (12/31/2022 03:15:53 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-MDPI0UB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
System errors:
=============
Error: (01/21/2023 11:49:25 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:25 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2023 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MDPI0UB)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-01-21 14:40:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Luděk\Desktop\ccsetup563.exe; containerfile:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe->(nsis-instdata); file:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Users\Luděk\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.381.2497.0, AS: 1.381.2497.0, NIS: 1.381.2497.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-21 09:52:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-20 18:13:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2023-01-20 18:13:03
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Luděk\Desktop\ccsetup563.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-MDPI0UB\Luděk
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1467.0, AS: 1.381.1467.0, NIS: 1.381.1467.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Date: 2022-12-30 12:33:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Luděk\Desktop\ccsetup563.exe; containerfile:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe; file:_C:\Users\Luděk\Desktop\ccsetup563.exe->(nsis-instdata); file:_C:\Users\Luděk\Desktop\dfsetup222.exe; file:_C:\Users\Luděk\Desktop\dfsetup222.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.381.1377.0, AS: 1.381.1377.0, NIS: 1.381.1377.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2
Event[0]:
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:46:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-01-21 12:44:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2023-01-21 12:44:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1467.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2023-01-21 11:29:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-12-10 15:10:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. F4 03/09/2011
Motherboard: Gigabyte Technology Co., Ltd. GA-870A-USB3
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 81%
Total physical RAM: 4093.55 MB
Available physical RAM: 765.45 MB
Total Virtual: 7037.55 MB
Available Virtual: 2818.98 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.52 GB) (Free:604.98 GB) (Model: WDC WD10EALX-759BA1 ATA Device) NTFS
\\?\Volume{0008e4fc-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0008e4fc-0000-0000-0000-d0c0e8000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008E4FC)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================