Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosim o kontolu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Petkoor1
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 13 bře 2023 21:26

prosim o kontolu

#1 Příspěvek od Petkoor1 »

spomaleny notebook
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by orave (administrator) on DESKTOP-BJE2FMV (Dell Inc. Inspiron 15-3567) (13-03-2023 20:55:38)
Running from C:\Users\orave\Downloads
Loaded Profiles: orave
Platform: Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) Language: Slovenčina (Slovensko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk) C:\Users\orave\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <2>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7991E8D7-53DA-4C4E-B09E-042025AE118B}\111.0.5563.65_chrome_installer.exe
(C:\Program Files (x86)\Google\Update\Install\{7991E8D7-53DA-4C4E-B09E-042025AE118B}\111.0.5563.65_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{7991E8D7-53DA-4C4E-B09E-042025AE118B}\CR_872B7.tmp\setup.exe <2>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\orave\AppData\Local\Google\Chrome\User Data\SwReporter\107.294.200\software_reporter_tool.exe <4>
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atieclxx.exe
(explorer.exe ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe <2>
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(services.exe ->) (Techporch Incorporated -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <5>
(svchost.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(svchost.exe ->) (Lespeed Technology Co., Ltd -> wisecleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\orave\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\orave\AppData\Local\Programs\Opera\launcher.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3910656 2017-05-03] (Dell Inc.) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Program Files\Intel\iCLS Client\\.. [0 ] () <==== ATTENTION [zero byte? (Error=123)]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\orave\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [] => [X]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Program Files\Intel\iCLS Client\\.. [0 ] () <==== ATTENTION [zero byte? (Error=123)]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\...\AppCompatFlags\Custom\1602.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\1602Edit.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\7k.exe: [{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb] -> GOG.com Seven Kingdoms
HKLM\Software\...\AppCompatFlags\InstalledSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb [2012-12-31]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb [2015-07-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-02-11] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0772AA2B-E723-43B7-BB2B-95A20D800A78} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {0E5C5313-DE18-4B84-AA84-0FE3C9A33395} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {18C400D4-8CA7-47AC-B726-391DBAFD17E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1960F02C-8081-446E-A5BA-D4603FD8C8B1} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {1B503796-5F7A-41D9-9C9D-7DBA30B72808} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {231B322D-0D72-4E00-B651-CF0DEF3AE018} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {2CB7FBF3-7A97-4CF3-A9D9-04A9F7D02FFB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1714648 2021-09-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {2EEFEEAE-72B3-4A5E-9011-F8AD7EB0E4F4} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {3E6720EC-C96D-41E9-8BF6-7A8D26755206} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41602FA1-CDEF-4E6A-9BB2-982A6FE35839} - System32\Tasks\Opera scheduled Autoupdate 1657048958 => C:\Users\orave\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {486C12EA-0CA4-4108-9C4D-B6D5225AEF41} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [41944 2017-04-25] (Dell Inc. -> Dell Inc.)
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {5948B97C-26F9-4305-99AA-BF42887C4DC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
Task: {5D9DF6CC-EF79-46C2-8D24-F371250A04F4} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {63653774-C97D-4FCB-A6AD-3AEAD1E8F540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67DD6F44-47F4-42B8-AC39-025D26075115} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {85612FE3-87C2-4449-8CC8-C92A92166063} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {86383015-9AED-42F2-B7B2-D7041DDF11DC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {872F971A-9457-4450-9E9E-A4B08F8A474E} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {8C55523F-8DA0-4352-A8B3-74FC935F8F9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9432995C-F0BC-4B57-AB74-EA12A671A547} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {9B966314-729A-4B7A-9863-1F203114749D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
Task: {A383AF2C-976B-432D-A78F-534C1ADF72C5} - System32\Tasks\Opera scheduled Autoupdate 1657175813 => C:\Users\orave\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {ABCFAB97-9A6D-474A-AE87-91C0F2BE3AC2} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {BA9843E5-6030-4F55-946F-4B997A1526F3} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [8536824 2022-10-17] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {C1C9B720-9479-4DD4-A545-18F0DDED33A2} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
Task: {CC27E0FC-2CEE-49F6-97DC-663B47B86320} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D5A94481-1B41-4278-A80A-E9E98C684004} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DC3FE325-7605-4A6D-BB00-9ED56593C139} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DD2C1E2D-40A4-483B-BC28-4E5813F71A7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E70CDB3C-7C4C-42A9-AA06-871B283AAEE1} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1714648 2021-09-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F8A10523-0B81-4B12-AA6B-1DEE9E85E590} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [9054968 2022-02-28] (Lespeed Technology Co., Ltd -> wisecleaner.com)
Task: {FB55FC8F-A5EA-40F1-BD34-F1D0876894B8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0fe3dbaf-b9d2-4cfe-a16b-8a395c8e4ae8}: [DhcpNameServer] 172.2.1.171
Tcpip\..\Interfaces\{dbb80c8d-e230-400e-b3d1-ea61eef93a31}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Profile: C:\Users\orave\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-05]
Edge Extension: (Edge relevant text changes) - C:\Users\orave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-09]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\progamy\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\orave\AppData\Local\Google\Chrome\User Data\Default [2023-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\orave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-21] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [32728 2017-04-25] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658224 2021-08-26] (Lespeed Technology Co., Ltd -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-09-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-09-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2020-01-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 MpKsl948a9e8e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1D244CD-FB73-414D-930A-706EAAB8134C}\MpKslDrv.sys [214280 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld7e0859c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1D244CD-FB73-414D-930A-706EAAB8134C}\MpKslDrv.sys [214280 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-03-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2023-02-08] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-13 20:55 - 2023-03-13 21:01 - 000027138 _____ C:\Users\orave\Downloads\FRST.txt
2023-03-13 20:53 - 2023-03-13 20:58 - 000000000 ____D C:\FRST
2023-03-13 20:52 - 2023-03-13 20:53 - 002378752 _____ (Farbar) C:\Users\orave\Downloads\FRST64.exe
2023-03-10 18:58 - 2023-03-10 18:59 - 000353792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-10 18:58 - 2023-03-10 18:58 - 848201981 _____ C:\WINDOWS\MEMORY.DMP
2023-03-10 18:58 - 2023-03-10 18:58 - 000000000 _____ C:\WINDOWS\Minidump\031023-96234-01.dmp
2023-03-10 18:42 - 2023-03-10 18:42 - 000000000 ___HD C:\$WinREAgent
2023-03-10 18:38 - 2023-03-13 20:56 - 000000000 ___HD C:\Users\orave\Downloads\.opera
2023-03-05 07:59 - 2023-03-05 07:59 - 000003800 _____ C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job
2023-03-05 07:59 - 2023-03-05 07:59 - 000003636 _____ C:\WINDOWS\system32\Tasks\Wise Care 365.job
2023-02-11 13:03 - 2023-02-11 13:05 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-13 20:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-13 20:56 - 2022-07-06 20:22 - 000000000 ___HD C:\Users\orave\.opera
2023-03-13 20:54 - 2021-08-20 10:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-13 20:50 - 2022-10-07 19:03 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-10 23:33 - 2021-08-20 09:59 - 000000000 ____D C:\Users\orave\AppData\Local\D3DSCache
2023-03-10 23:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-10 23:22 - 2021-08-20 10:04 - 000000000 ___RD C:\Users\orave\OneDrive
2023-03-10 23:21 - 2022-07-07 07:38 - 000000000 ____D C:\Users\orave\AppData\Local\CrashDumps
2023-03-10 23:19 - 2023-02-08 13:14 - 000000000 ____D C:\Users\orave\AppData\Roaming\Wise Care 365
2023-03-10 23:18 - 2021-08-20 09:59 - 000000000 __SHD C:\Users\orave\IntelGraphicsProfiles
2023-03-10 23:08 - 2021-08-20 09:52 - 000000000 ____D C:\Users\orave
2023-03-10 23:05 - 2017-08-09 11:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-10 22:58 - 2021-08-19 22:53 - 000000000 ____D C:\Intel
2023-03-10 22:58 - 2021-08-19 22:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-10 22:58 - 2021-08-19 22:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-10 22:58 - 2021-08-19 22:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-10 22:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-10 18:58 - 2022-01-18 18:38 - 000000000 ____D C:\WINDOWS\Minidump
2023-03-10 18:41 - 2021-08-19 22:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-10 18:38 - 2021-08-19 22:51 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-10 18:38 - 2021-08-19 22:51 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-10 18:36 - 2022-05-04 22:21 - 000002373 _____ C:\Users\orave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-10 18:36 - 2021-12-31 10:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2839459338-1313788641-3629757714-1001
2023-03-10 18:36 - 2021-08-20 10:04 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2839459338-1313788641-3629757714-1001
2023-03-05 07:36 - 2021-08-20 10:18 - 000000000 ____D C:\Filmy
2023-03-05 07:36 - 2021-08-20 08:43 - 000005986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-03 09:39 - 2021-08-26 18:27 - 000000000 ____D C:\Users\orave\AppData\Roaming\vlc
2023-02-11 21:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-11 16:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-11 16:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-11 12:24 - 2021-08-20 10:14 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-11 12:24 - 2021-08-20 10:14 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-11 12:20 - 2021-08-19 22:53 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by orave (13-03-2023 21:07:39)
Running from C:\Users\orave\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) (2021-08-20 07:57:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2839459338-1313788641-3629757714-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2839459338-1313788641-3629757714-503 - Limited - Disabled)
Guest (S-1-5-21-2839459338-1313788641-3629757714-501 - Limited - Disabled)
orave (S-1-5-21-2839459338-1313788641-3629757714-1001 - Administrator - Enabled) => C:\Users\orave
WDAGUtilityAccount (S-1-5-21-2839459338-1313788641-3629757714-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Settings - Branding (HKLM\...\{332F6F5E-567E-4D7B-8288-2ADA89A8DFB7}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.09.04.04 - Advanced Micro Devices, Inc.)
Anno 1602 - Creation of a New World (HKLM-x32\...\1438168222_is1) (Version: 2.0.0.6 - GOG.com)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD 2021 - English (HKLM\...\{28B89EEF-4101-0409-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - English (HKLM\...\AutoCAD 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD 2021 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Autodesk Featured Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
Call of Duty - World at War verze 1.7 (HKLM-x32\...\{2126C3DC-16F3-4BFE-96D0-44441D85EB7E}_is1) (Version: 1.7 - tomi2k9)
Crash Bandicoot Collection 2016 (HKLM-x32\...\Crash Bandicoot Collection 2016) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Disney's Hercules Action Game (HKLM-x32\...\1117508714_is1) (Version: 1.0 - GOG.com)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
GOG.com Seven Kingdoms (HKLM\...\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes of Might and Magic 2 Gold (HKLM-x32\...\1207658785_is1) (Version: 1.01 (2.1) - GOG.com)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{41FDC0C7-CCD6-4E38-AECE-2AA14A197702}) (Version: 16.8.3.1004 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{06F94C28-DE1D-485F-AD91-333ACEB3F52D}) (Version: 1.6.100.32677 - Intel Corporation)
Jurassic War version 1.05E (HKLM-x32\...\{A0BCAA75-2898-4AD3-B3A4-27C86CA875D5}_is1) (Version: 1.05E - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16130.20218 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
nanoCAD 5.0 (HKLM-x32\...\{6D4250F7-DB33-4530-A9BD-A9D66BA34586}) (Version: 5.0.2520.2000 - Nanosoft)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.22021 - Microsoft Corporation) Hidden
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10454 - Qualcomm)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.40 - Dell Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Rome - Total War Anthology (HKLM-x32\...\InstallShield_{29BA43D8-07F9-4D78-A682-91BAAA98A302}) (Version: 1.00.0000 - CD Projekt)
Seven Kingdoms - Ancient Adversaries (HKLM-x32\...\GOGPACKSEVENKINGDOMSAA_is1) (Version: 2.0.0.5 - GOG.com)
Seven Kingdoms II HD (HKLM-x32\...\1207658723_is1) (Version: 2.10E - GOG.com)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Meno vašej spoločnosti)
Spellcross CZ verze 1.07 (HKLM-x32\...\{7492527E-BE25-4F34-B560-5EB2EB457C96}_is1) (Version: 1.07 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Warcraft III) (Version: - )
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wise Care 365 6.4.4 (HKLM-x32\...\Wise Care 365_is1) (Version: 6.4.4 - WiseCleaner.com, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m [2022-07-27] (Advanced Micro Devices Inc.) [Startup Task]
Cool File Viewer -> C:\Program Files\WindowsApps\20815shootingapp.AirFileViewer_1.5.2.0_x86__xcg28tkrsnqww [2023-02-08] (Cool File Viewer)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2022-11-22] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\dellinc.dellproductregistration_3.4.6.0_x64__htrsf667h5kn2 [2021-08-20] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96 [2022-12-29] (Dropbox Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-08] (INTEL CORP) [Startup Task]
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-13] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-30] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-23] (Microsoft Studios) [MS Ad]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2022-02-08] (Dell Inc.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\progamy\autocad\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\progamy\autocad\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\progamy\autocad\AutoCAD 2021\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-04-25 12:10 - 2017-04-25 12:10 - 000010240 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\ChatServer.dll
2017-05-03 16:20 - 2017-05-03 16:20 - 000086016 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\dadkeyb.dll
2017-04-25 12:10 - 2017-04-25 12:10 - 000315392 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\log4net.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> DefaultScope {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2023-02-11 13:03 - 2023-02-11 13:05 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "e79d569ba77562f0d4316e586835f0a2"
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\StartupApproved\Run: => "e79d569ba77562f0d4316e586835f0a2"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{471B1C8E-F2FD-46F9-B7BA-1FC0A5622BB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7557C87-7A2F-410D-8606-DD7E404A2E26}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\Prince of Persia.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [{C43FF57B-779C-4D46-A6EC-CA6382ED1522}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\Prince of Persia.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [{D4A704B1-F805-4E60-91E3-7295BAC66F95}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\GameSettings.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D7F2DD60-E8E2-4901-972F-7AA5B7F05376}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\GameSettings.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DF2947D2-D8D9-4FBA-84CE-21D70998487C}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [File not signed]
FirewallRules: [{47FC0FCB-51F0-4718-A473-4B7E47277BA1}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [File not signed]
FirewallRules: [{6E784B39-7546-4905-93DD-C56089B26760}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{69A89285-EEC1-4478-AF8A-9FA8E3C7B488}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{5F297BE9-13CC-43A0-9A8C-F897904EF6A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{79581602-3BA2-47BA-BB81-CE8A0B9A0D90}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [TCP Query User{78A257E3-1F92-43D4-91F8-1F704045CE8E}C:\hry\call of duty 5\call of duty - world at war\codwaw.exe] => (Block) C:\hry\call of duty 5\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{64C9BF8B-F1F7-4D32-A7E2-CEB2F98A9900}C:\hry\call of duty 5\call of duty - world at war\codwaw.exe] => (Block) C:\hry\call of duty 5\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{9C42A23A-C4FF-4200-8205-4AB57AE787EB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B64F549B-23DE-4789-A593-9FA4CE67414B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{379A54BB-FD28-4DB4-B566-502388668B43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49FDCCD8-2F31-42BE-A33B-70CE5C919497}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A47047D-5B73-4D07-932D-D8A27B4C1DD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01A124CD-3F09-41CD-B7D5-B31C3EB9A8C3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/13/2023 08:49:09 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 251530751 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]

Error: (03/13/2023 08:49:09 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 251530746 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 342
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]

Error: (03/10/2023 11:21:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Názov chybujúceho modulu: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000015b630
Identifikácia chybujúceho procesu: 0x1908
Čas spustenia chybujúcej aplikácie: 0x01d9539e9dafb46d
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Cesta chybujúceho modulu: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Identifikácia hlásenia: cfe6d257-26b8-4a0a-9c53-345685cb6b85
Celé meno chybujúceho balíka: AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m
Identifikácia chybujúcej aplikácie vzhľadom na balík: AMDRadeonsoftwareUWP

Error: (03/10/2023 11:20:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.2486 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2128

Start Time: 01d9539e41dfbbb0

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 2ff8daa5-e650-42f0-ba36-b910e8898bdb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (03/10/2023 11:18:08 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 1270145 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]

Error: (03/10/2023 11:18:08 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 1269838 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 342
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]

Error: (03/10/2023 11:02:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Názov chybujúceho modulu: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000015b630
Identifikácia chybujúceho procesu: 0x23fc
Čas spustenia chybujúcej aplikácie: 0x01d9539beff2c2ee
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Cesta chybujúceho modulu: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Identifikácia hlásenia: 8b6c619e-4463-4f28-8368-53d5c27fdb36
Celé meno chybujúceho balíka: AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m
Identifikácia chybujúcej aplikácie vzhľadom na balík: AMDRadeonsoftwareUWP

Error: (03/10/2023 11:01:24 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.


System errors:
=============
Error: (03/10/2023 11:01:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Client Management Service zlyhalo kvôli nasledujúcej chybe:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.

Error: (03/10/2023 10:58:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby LMS zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (03/10/2023 10:57:34 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.

Error: (03/10/2023 10:58:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:48:52 on ‎10. ‎3. ‎2023 was unexpected.

Error: (03/10/2023 09:00:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search sa pri spustení zablokovala.

Error: (03/10/2023 08:57:50 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service sa pri spustení zablokovala.

Error: (03/10/2023 08:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell SupportAssist Agent zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (03/10/2023 08:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Dell SupportAssist Agent bol dosiahnutý časový limit (30000 ms).


Windows Defender:
================
Date: 2023-03-03 09:20:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-11 19:44:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-11 19:37:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-08 16:02:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-08 11:43:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:05:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1509.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2023-03-13 21:05:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1509.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2023-02-09 12:56:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-09 10:34:35
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-02-08 20:30:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.18.0 12/15/2021
Motherboard: Dell Inc. 0JTTXY
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 92%
Total physical RAM: 3961.82 MB
Available physical RAM: 299.94 MB
Total Virtual: 7801.82 MB
Available Virtual: 3458.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.61 GB) (Free:81.94 GB) (Model: ST1000LM035-1RK172) NTFS

\\?\Volume{272a04cc-f698-49db-9c11-d4ce5b0f3600}\ () (Fixed) (Total:0.79 GB) (Free:0.33 GB) NTFS
\\?\Volume{c5e481d6-6489-4ee6-842b-4d7ab5485d7a}\ (Image) (Fixed) (Total:12.33 GB) (Free:0.14 GB) NTFS
\\?\Volume{f094355e-8333-4449-a8bd-39f1777c42ab}\ (DELLSUPPORT) (Fixed) (Total:1.17 GB) (Free:0.33 GB) NTFS
\\?\Volume{18a9fd8b-361b-4b62-8bd4-0b861dbc0160}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E648B2F0)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontolu

#2 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [] => [X]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Program Files\Intel\iCLS Client\\.. [0 ] () <==== ATTENTION [zero byte? (Error=123)]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1960F02C-8081-446E-A5BA-D4603FD8C8B1} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {2EEFEEAE-72B3-4A5E-9011-F8AD7EB0E4F4} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {85612FE3-87C2-4449-8CC8-C92A92166063} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {ABCFAB97-9A6D-474A-AE87-91C0F2BE3AC2} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {C1C9B720-9479-4DD4-A545-18F0DDED33A2} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Task: {9B966314-729A-4B7A-9863-1F203114749D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
Task: {5948B97C-26F9-4305-99AA-BF42887C4DC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> DefaultScope {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =

EmptyTemp:
End
Uložte do C:\Users\orave\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Petkoor1
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 13 bře 2023 21:26

Re: prosim o kontolu

#3 Příspěvek od Petkoor1 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by orave (administrator) on DESKTOP-BJE2FMV (Dell Inc. Inspiron 15-3567) (14-03-2023 00:44:14)
Running from C:\Users\orave\Downloads
Loaded Profiles: orave
Platform: Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) Language: Slovenčina (Slovensko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Autodesk, Inc. -> Autodesk) C:\Users\orave\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atieclxx.exe
(explorer.exe ->) (Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(explorer.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373239.inf_amd64_f252104aa26b8a69\B371260\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Lespeed Technology Co., Ltd -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dxgiadaptercache.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3910656 2017-05-03] (Dell Inc.) [File not signed]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Program Files\Intel\iCLS Client\\.. [0 ] () <==== ATTENTION [zero byte? (Error=123)]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\orave\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\...\AppCompatFlags\Custom\1602.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\1602Edit.exe: [{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb] -> GOG.com Anno 1602
HKLM\Software\...\AppCompatFlags\Custom\7k.exe: [{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb] -> GOG.com Seven Kingdoms
HKLM\Software\...\AppCompatFlags\InstalledSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb [2012-12-31]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b7082f5b-b3cc-44ac-a030-69ef3e35225d}.sdb [2015-07-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-13] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0772AA2B-E723-43B7-BB2B-95A20D800A78} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E5C5313-DE18-4B84-AA84-0FE3C9A33395} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {18C400D4-8CA7-47AC-B726-391DBAFD17E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B503796-5F7A-41D9-9C9D-7DBA30B72808} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {231B322D-0D72-4E00-B651-CF0DEF3AE018} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {3E6720EC-C96D-41E9-8BF6-7A8D26755206} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41602FA1-CDEF-4E6A-9BB2-982A6FE35839} - System32\Tasks\Opera scheduled Autoupdate 1657048958 => C:\Users\orave\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {486C12EA-0CA4-4108-9C4D-B6D5225AEF41} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [41944 2017-04-25] (Dell Inc. -> Dell Inc.)
Task: {5D9DF6CC-EF79-46C2-8D24-F371250A04F4} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {63653774-C97D-4FCB-A6AD-3AEAD1E8F540} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {67DD6F44-47F4-42B8-AC39-025D26075115} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {86383015-9AED-42F2-B7B2-D7041DDF11DC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {872F971A-9457-4450-9E9E-A4B08F8A474E} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {8C55523F-8DA0-4352-A8B3-74FC935F8F9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9432995C-F0BC-4B57-AB74-EA12A671A547} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {A383AF2C-976B-432D-A78F-534C1ADF72C5} - System32\Tasks\Opera scheduled Autoupdate 1657175813 => C:\Users\orave\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {BA9843E5-6030-4F55-946F-4B997A1526F3} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [8536824 2022-10-17] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {CC27E0FC-2CEE-49F6-97DC-663B47B86320} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D5A94481-1B41-4278-A80A-E9E98C684004} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DC3FE325-7605-4A6D-BB00-9ED56593C139} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DD2C1E2D-40A4-483B-BC28-4E5813F71A7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1577B7A-B5D3-44EA-B955-70867A86A0C5} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1714648 2021-09-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E70CDB3C-7C4C-42A9-AA06-871B283AAEE1} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1714648 2021-09-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F8A10523-0B81-4B12-AA6B-1DEE9E85E590} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [9054968 2022-02-28] (Lespeed Technology Co., Ltd -> wisecleaner.com)
Task: {FB55FC8F-A5EA-40F1-BD34-F1D0876894B8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0fe3dbaf-b9d2-4cfe-a16b-8a395c8e4ae8}: [DhcpNameServer] 172.2.1.171
Tcpip\..\Interfaces\{dbb80c8d-e230-400e-b3d1-ea61eef93a31}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Profile: C:\Users\orave\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-05]
Edge Extension: (Edge relevant text changes) - C:\Users\orave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-09]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\progamy\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\orave\AppData\Local\Google\Chrome\User Data\Default [2023-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\orave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKsld7e0859c" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsld7e0859c => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D1D244CD-FB73-414D-930A-706EAAB8134C}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [21400 2022-03-23] (Dell Inc -> Dell INC.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-21] (McAfee, LLC -> McAfee, LLC)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [32728 2017-04-25] (Dell Inc. -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658224 2021-08-26] (Lespeed Technology Co., Ltd -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-09-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-09-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [271424 2020-01-08] (DT Soft Ltd -> DT Soft Ltd)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-03-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 MpKslb004c67d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB7CBDFF-A89C-4CBC-B053-68AC99ADB099}\MpKslDrv.sys [214280 2023-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsld83868ba; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB7CBDFF-A89C-4CBC-B053-68AC99ADB099}\MpKslDrv.sys [214280 2023-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-03-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-03-10] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2023-02-08] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-14 00:44 - 2023-03-14 00:47 - 000023249 _____ C:\Users\orave\Downloads\FRST.txt
2023-03-14 00:38 - 2023-03-14 00:39 - 000008708 _____ C:\Users\orave\Downloads\Fixlog.txt
2023-03-13 21:09 - 2023-03-13 21:09 - 000000000 ___HD C:\$WinREAgent
2023-03-13 20:53 - 2023-03-14 00:46 - 000000000 ____D C:\FRST
2023-03-13 20:52 - 2023-03-13 20:53 - 002378752 _____ (Farbar) C:\Users\orave\Downloads\FRST64.exe
2023-03-10 18:58 - 2023-03-10 18:59 - 000353792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-10 18:58 - 2023-03-10 18:58 - 848201981 _____ C:\WINDOWS\MEMORY.DMP
2023-03-10 18:58 - 2023-03-10 18:58 - 000000000 _____ C:\WINDOWS\Minidump\031023-96234-01.dmp
2023-03-10 18:38 - 2023-03-14 00:47 - 000000000 ___HD C:\Users\orave\Downloads\.opera
2023-03-05 07:59 - 2023-03-05 07:59 - 000003800 _____ C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job
2023-03-05 07:59 - 2023-03-05 07:59 - 000003636 _____ C:\WINDOWS\system32\Tasks\Wise Care 365.job

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-14 00:47 - 2022-07-06 20:22 - 000000000 ___HD C:\Users\orave\.opera
2023-03-14 00:45 - 2022-07-07 07:38 - 000000000 ____D C:\Users\orave\AppData\Local\CrashDumps
2023-03-14 00:45 - 2021-08-20 10:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-14 00:45 - 2021-08-20 10:04 - 000000000 ___RD C:\Users\orave\OneDrive
2023-03-14 00:43 - 2023-02-08 13:14 - 000000000 ____D C:\Users\orave\AppData\Roaming\Wise Care 365
2023-03-14 00:43 - 2022-10-07 19:03 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-03-14 00:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-14 00:42 - 2021-08-20 09:59 - 000000000 __SHD C:\Users\orave\IntelGraphicsProfiles
2023-03-14 00:41 - 2021-08-19 22:53 - 000000000 ____D C:\Intel
2023-03-14 00:41 - 2021-08-19 22:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-14 00:41 - 2021-08-19 22:47 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-14 00:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-03-14 00:40 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-03-14 00:32 - 2021-08-19 22:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-13 22:16 - 2021-08-20 10:14 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-13 22:16 - 2021-08-20 10:14 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-13 21:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-13 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-13 21:36 - 2021-08-19 22:53 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-10 23:33 - 2021-08-20 09:59 - 000000000 ____D C:\Users\orave\AppData\Local\D3DSCache
2023-03-10 23:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-10 23:08 - 2021-08-20 09:52 - 000000000 ____D C:\Users\orave
2023-03-10 23:05 - 2017-08-09 11:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-10 18:58 - 2022-01-18 18:38 - 000000000 ____D C:\WINDOWS\Minidump
2023-03-10 18:41 - 2021-08-19 22:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-10 18:38 - 2021-08-19 22:51 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-10 18:38 - 2021-08-19 22:51 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-10 18:36 - 2022-05-04 22:21 - 000002373 _____ C:\Users\orave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-10 18:36 - 2021-12-31 10:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2839459338-1313788641-3629757714-1001
2023-03-10 18:36 - 2021-08-20 10:04 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2839459338-1313788641-3629757714-1001
2023-03-05 07:36 - 2021-08-20 10:18 - 000000000 ____D C:\Filmy
2023-03-05 07:36 - 2021-08-20 08:43 - 000005986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-03 09:39 - 2021-08-26 18:27 - 000000000 ____D C:\Users\orave\AppData\Roaming\vlc

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by orave (14-03-2023 00:51:10)
Running from C:\Users\orave\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2486 (X64) (2021-08-20 07:57:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2839459338-1313788641-3629757714-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2839459338-1313788641-3629757714-503 - Limited - Disabled)
Guest (S-1-5-21-2839459338-1313788641-3629757714-501 - Limited - Disabled)
orave (S-1-5-21-2839459338-1313788641-3629757714-1001 - Administrator - Enabled) => C:\Users\orave
WDAGUtilityAccount (S-1-5-21-2839459338-1313788641-3629757714-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Settings - Branding (HKLM\...\{332F6F5E-567E-4D7B-8288-2ADA89A8DFB7}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.09.04.04 - Advanced Micro Devices, Inc.)
Anno 1602 - Creation of a New World (HKLM-x32\...\1438168222_is1) (Version: 2.0.0.6 - GOG.com)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD 2021 - English (HKLM\...\{28B89EEF-4101-0409-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 - English (HKLM\...\AutoCAD 2021 - English) (Version: 24.0.47.0 - Autodesk)
Autodesk AutoCAD 2021 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk)
Autodesk Featured Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
Call of Duty - World at War verze 1.7 (HKLM-x32\...\{2126C3DC-16F3-4BFE-96D0-44441D85EB7E}_is1) (Version: 1.7 - tomi2k9)
Crash Bandicoot Collection 2016 (HKLM-x32\...\Crash Bandicoot Collection 2016) (Version: - )
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{7CA33C94-C7F2-4E31-8F9D-09D03FE0319C}) (Version: 5.5.2.16157 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{85c0b416-3065-407c-9fd8-a1e41780153a}) (Version: 5.5.2.16157 - Dell Inc.)
Dell SupportAssistAgent (HKLM-x32\...\{A10101BE-714B-42EE-B88B-5D3725B61425}) (Version: 1.4.2.2 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Disney's Hercules Action Game (HKLM-x32\...\1117508714_is1) (Version: 1.0 - GOG.com)
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
GOG.com Seven Kingdoms (HKLM\...\{50ccf586-6cea-4070-8a01-2dd031f6098e}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Heroes of Might and Magic 2 Gold (HKLM-x32\...\1207658785_is1) (Version: 1.01 (2.1) - GOG.com)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{41FDC0C7-CCD6-4E38-AECE-2AA14A197702}) (Version: 16.8.3.1004 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM\...\{06F94C28-DE1D-485F-AD91-333ACEB3F52D}) (Version: 1.6.100.32677 - Intel Corporation)
Jurassic War version 1.05E (HKLM-x32\...\{A0BCAA75-2898-4AD3-B3A4-27C86CA875D5}_is1) (Version: 1.05E - )
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16130.20218 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
nanoCAD 5.0 (HKLM-x32\...\{6D4250F7-DB33-4530-A9BD-A9D66BA34586}) (Version: 5.0.2520.2000 - Nanosoft)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.22021 - Microsoft Corporation) Hidden
Prince of Persia The Forgotten Sands™ (HKLM-x32\...\{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}) (Version: 1.0 - Ubisoft)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10454 - Qualcomm)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.40 - Dell Inc.)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Rome - Total War Anthology (HKLM-x32\...\InstallShield_{29BA43D8-07F9-4D78-A682-91BAAA98A302}) (Version: 1.00.0000 - CD Projekt)
Seven Kingdoms - Ancient Adversaries (HKLM-x32\...\GOGPACKSEVENKINGDOMSAA_is1) (Version: 2.0.0.5 - GOG.com)
Seven Kingdoms II HD (HKLM-x32\...\1207658723_is1) (Version: 2.10E - GOG.com)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Meno vašej spoločnosti)
Spellcross CZ verze 1.07 (HKLM-x32\...\{7492527E-BE25-4F34-B560-5EB2EB457C96}_is1) (Version: 1.07 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Warcraft III) (Version: - )
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wise Care 365 6.4.4 (HKLM-x32\...\Wise Care 365_is1) (Version: 6.4.4 - WiseCleaner.com, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m [2022-07-27] (Advanced Micro Devices Inc.) [Startup Task]
Cool File Viewer -> C:\Program Files\WindowsApps\20815shootingapp.AirFileViewer_1.5.2.0_x86__xcg28tkrsnqww [2023-02-08] (Cool File Viewer)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.1.0_x64__htrsf667h5kn2 [2022-11-22] (Dell Inc)
Dell Product Registration -> C:\Program Files\WindowsApps\dellinc.dellproductregistration_3.4.6.0_x64__htrsf667h5kn2 [2021-08-20] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96 [2022-12-29] (Dropbox Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\db6ea5db.mediasuiteessentialsfordell_2.6.4028.0_x86__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt [2023-02-08] (INTEL CORP) [Startup Task]
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.4925.0_x86__mcezb6ze687jp [2022-08-13] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\db6ea5db.power2gofordell_11.0.3920.0_x86__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\db6ea5db.powerdirectorfordell_15.0.4409.0_x64__mcezb6ze687jp [2021-08-20] (CYBERLINK CORPORATION.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-30] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-23] (Microsoft Studios) [MS Ad]
SupportAssist Driver Update -> C:\Program Files\WindowsApps\DriverToaster_1.5.0.0_x86__rqs2nt378nwsp [2022-02-08] (Dell Inc.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-08-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\progamy\autocad\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\progamy\autocad\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\progamy\autocad\AutoCAD 2021\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\progamy\win rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-12-29 18:42 - 2022-12-29 18:42 - 035946496 _____ () [File not signed] C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96\DropboxUniversal.dll
2018-12-16 14:00 - 2018-12-16 14:08 - 001123840 _____ () [File not signed] C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.5.0_x64__xbfy0k16fey96\e_sqlite3.dll
2017-04-25 12:10 - 2017-04-25 12:10 - 000010240 _____ (Dell Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\ChatServer.dll
2017-05-03 16:20 - 2017-05-03 16:20 - 000086016 _____ (Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\dadkeyb.dll
2017-04-25 12:10 - 2017-04-25 12:10 - 000315392 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\Dell\SupportAssistAgent\bin\log4net.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2023-02-11 13:03 - 2023-02-11 13:05 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "e79d569ba77562f0d4316e586835f0a2"
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\StartupApproved\Run: => "e79d569ba77562f0d4316e586835f0a2"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{471B1C8E-F2FD-46F9-B7BA-1FC0A5622BB5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A7557C87-7A2F-410D-8606-DD7E404A2E26}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\Prince of Persia.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [{C43FF57B-779C-4D46-A6EC-CA6382ED1522}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\Prince of Persia.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [{D4A704B1-F805-4E60-91E3-7295BAC66F95}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\GameSettings.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D7F2DD60-E8E2-4901-972F-7AA5B7F05376}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\GameSettings.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{DF2947D2-D8D9-4FBA-84CE-21D70998487C}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [File not signed]
FirewallRules: [{47FC0FCB-51F0-4718-A473-4B7E47277BA1}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\gu.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) [File not signed]
FirewallRules: [{6E784B39-7546-4905-93DD-C56089B26760}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{69A89285-EEC1-4478-AF8A-9FA8E3C7B488}] => (Allow) C:\Hry\princ z perzie\Prince of Persia The Forgotten Sands\UPlayBrowser.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{5F297BE9-13CC-43A0-9A8C-F897904EF6A8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [{79581602-3BA2-47BA-BB81-CE8A0B9A0D90}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> Ubisoft)
FirewallRules: [TCP Query User{78A257E3-1F92-43D4-91F8-1F704045CE8E}C:\hry\call of duty 5\call of duty - world at war\codwaw.exe] => (Block) C:\hry\call of duty 5\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [UDP Query User{64C9BF8B-F1F7-4D32-A7E2-CEB2F98A9900}C:\hry\call of duty 5\call of duty - world at war\codwaw.exe] => (Block) C:\hry\call of duty 5\call of duty - world at war\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{9C42A23A-C4FF-4200-8205-4AB57AE787EB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.78\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B64F549B-23DE-4789-A593-9FA4CE67414B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{379A54BB-FD28-4DB4-B566-502388668B43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49FDCCD8-2F31-42BE-A33B-70CE5C919497}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A47047D-5B73-4D07-932D-D8A27B4C1DD3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{30C1ABBA-001C-4153-BB61-92EEE8B276C0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/14/2023 12:45:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ADPClientService.exe, verzia: 4.1.16.0, časová značka: 0x61ee7d78
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.789, časová značka: 0x82dc99a2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0004dc0b
Identifikácia chybujúceho procesu: 0xed4
Čas spustenia chybujúcej aplikácie: 0x01d95605c0f2f415
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ADPClientService.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 7449b499-7309-43b7-b9c7-0ada9a6b93a7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/14/2023 12:44:49 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe".Error in manifest or policy file "C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe.Config" on line 12.
Invalid Xml syntax.

Error: (03/14/2023 12:44:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Názov chybujúceho modulu: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000015b630
Identifikácia chybujúceho procesu: 0xd9c
Čas spustenia chybujúcej aplikácie: 0x01d95605b6f833c3
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Cesta chybujúceho modulu: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Identifikácia hlásenia: d314fb1a-d7c8-46da-bf5c-b11894aa0637
Celé meno chybujúceho balíka: AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m
Identifikácia chybujúcej aplikácie vzhľadom na balík: AMDRadeonsoftwareUWP

Error: (03/13/2023 08:49:09 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 251530751 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]

Error: (03/13/2023 08:49:09 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 251530746 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 342
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]

Error: (03/10/2023 11:21:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Názov chybujúceho modulu: Radeonsoftware.exe, verzia: 10.1.2.1862, časová značka: 0x62de417f
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000015b630
Identifikácia chybujúceho procesu: 0x1908
Čas spustenia chybujúcej aplikácie: 0x01d9539e9dafb46d
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Cesta chybujúceho modulu: C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m\radeonsoftware\Radeonsoftware.exe
Identifikácia hlásenia: cfe6d257-26b8-4a0a-9c53-345685cb6b85
Celé meno chybujúceho balíka: AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.10044.0_x64__0a9344xs7nr4m
Identifikácia chybujúcej aplikácie vzhľadom na balík: AMDRadeonsoftwareUWP

Error: (03/10/2023 11:20:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.2486 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2128

Start Time: 01d9539e41dfbbb0

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 2ff8daa5-e650-42f0-ba36-b910e8898bdb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (03/10/2023 11:18:08 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10209.6897) TYPE: ERROR MODULE: DPTF TIME 1270145 ms

DPTF Build Version: 8.3.10209.6897
DPTF Build Date: Aug 21 2018 21:44:24
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 155
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]


System errors:
=============
Error: (03/14/2023 12:44:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Client Management Service zlyhalo kvôli nasledujúcej chybe:
The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.

Error: (03/14/2023 12:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby LMS zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rivet AP Selector Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba ##ID_STRING86## sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 300 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (03/14/2023 12:38:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
================
Date: 2023-03-03 09:20:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-11 19:44:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-11 19:37:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-08 16:02:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-02-08 11:43:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:06:37
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1738.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x8050a003
Error description: Tento balík neobsahuje aktuálne súbory definícií pre tento program. Ďalšie informácie nájdete v Pomoci a technickej podpore.

Date: 2023-03-13 21:05:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1509.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2023-03-13 21:05:15
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.383.1509.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.20000.2
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2023-02-09 12:56:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-09 10:34:35
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-02-08 20:30:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.18.0 12/15/2021
Motherboard: Dell Inc. 0JTTXY
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 79%
Total physical RAM: 3961.82 MB
Available physical RAM: 819.61 MB
Total Virtual: 7801.82 MB
Available Virtual: 4421.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.61 GB) (Free:84.26 GB) (Model: ST1000LM035-1RK172) NTFS

\\?\Volume{272a04cc-f698-49db-9c11-d4ce5b0f3600}\ () (Fixed) (Total:0.79 GB) (Free:0.33 GB) NTFS
\\?\Volume{c5e481d6-6489-4ee6-842b-4d7ab5485d7a}\ (Image) (Fixed) (Total:12.33 GB) (Free:0.14 GB) NTFS
\\?\Volume{f094355e-8333-4449-a8bd-39f1777c42ab}\ (DELLSUPPORT) (Fixed) (Total:1.17 GB) (Free:0.33 GB) NTFS
\\?\Volume{18a9fd8b-361b-4b62-8bd4-0b861dbc0160}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E648B2F0)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontolu

#4 Příspěvek od Rudy »

Potřebuji vidět obsah souboru fixlog.txt. Měl by být v C:\Users\orave\Downloads. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Petkoor1
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 13 bře 2023 21:26

Re: prosim o kontolu

#5 Příspěvek od Petkoor1 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by orave (14-03-2023 00:38:31) Run:1
Running from C:\Users\orave\Downloads
Loaded Profiles: orave
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [] => [X]
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\...\Run: [e79d569ba77562f0d4316e586835f0a2] => C:\Program Files\Intel\iCLS Client\\.. [0 ] () <==== ATTENTION [zero byte? (Error=123)]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0C518199-F01B-42CF-9CB7-16710B002812} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {1960F02C-8081-446E-A5BA-D4603FD8C8B1} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {2EEFEEAE-72B3-4A5E-9011-F8AD7EB0E4F4} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {4B6926D3-D490-4D93-82CE-D109F1D1BC80} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {7072963F-3763-4E9F-A1F5-DE9703BAE827} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {85612FE3-87C2-4449-8CC8-C92A92166063} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {ABCFAB97-9A6D-474A-AE87-91C0F2BE3AC2} - \Microsoft\Windows\UpdateOrchestrator\Maintenance Install -> No File <==== ATTENTION
Task: {C1C9B720-9479-4DD4-A545-18F0DDED33A2} - \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Task: {9B966314-729A-4B7A-9863-1F203114749D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
Task: {5948B97C-26F9-4305-99AA-BF42887C4DC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-20] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> DefaultScope {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =
SearchScopes: HKU\S-1-5-21-2839459338-1313788641-3629757714-1001 -> {75A9A6D9-DCBC-40EE-AF97-515CE717860A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\Software\Microsoft\Windows\CurrentVersion\Run\\e79d569ba77562f0d4316e586835f0a2" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C518199-F01B-42CF-9CB7-16710B002812}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1960F02C-8081-446E-A5BA-D4603FD8C8B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1960F02C-8081-446E-A5BA-D4603FD8C8B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Policy Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EEFEEAE-72B3-4A5E-9011-F8AD7EB0E4F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EEFEEAE-72B3-4A5E-9011-F8AD7EB0E4F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B6926D3-D490-4D93-82CE-D109F1D1BC80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7072963F-3763-4E9F-A1F5-DE9703BAE827}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85612FE3-87C2-4449-8CC8-C92A92166063}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85612FE3-87C2-4449-8CC8-C92A92166063}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ABCFAB97-9A6D-474A-AE87-91C0F2BE3AC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABCFAB97-9A6D-474A-AE87-91C0F2BE3AC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1C9B720-9479-4DD4-A545-18F0DDED33A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1C9B720-9479-4DD4-A545-18F0DDED33A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3 => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B966314-729A-4B7A-9863-1F203114749D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B966314-729A-4B7A-9863-1F203114749D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5948B97C-26F9-4305-99AA-BF42887C4DC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5948B97C-26F9-4305-99AA-BF42887C4DC4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2839459338-1313788641-3629757714-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75A9A6D9-DCBC-40EE-AF97-515CE717860A} => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 65623226 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 247820150 B
Edge => 0 B
Chrome => 355877945 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 21091581 B
systemprofile32 => 21091581 B
LocalService => 21091581 B
NetworkService => 511718528 B
orave => 573227832 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:39:57 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontolu

#6 Příspěvek od Rudy »

Smazáno. Zrychlil se chod PC?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Petkoor1
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 13 bře 2023 21:26

Re: prosim o kontolu

#7 Příspěvek od Petkoor1 »

ano dakujem pekne

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontolu

#8 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno