PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Locked
goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Requesting a preventive check

#1 Post by goffy1985 »

Hello,

after some time I'm once again asking you to take a look at what state the PC is in.

Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-04-2023
Ran by Zdeněk (administrator) on DESKTOP-QJEFONI (Micro-Star International Co., Ltd. MS-7B51) (03-04-2023 16:35:37)
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk
Platform: Microsoft Windows 10 Enterprise Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d1bd230cd08e7436\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(svchost.exe ->) (ESET, spol. s r.o. -> ESET) C:\Users\Zdeněk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2664_none_7dfa24947c9c0a36\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-04-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05B0AC1A-B8B8-4FB2-9FB3-ECDB7C4DC503} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {0703D934-C775-4D52-B750-341AFB22314C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {072C0A25-5E5D-4729-B91A-C246E973ACB1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {078E7E45-034C-4045-AE0C-EE06F3E9EBF5} - System32\Tasks\GoogleUpdateTaskMachineCore{23E7D226-17CF-44BB-83CB-87DF596D8FFC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-31] (Google Inc -> Google Inc.)
Task: {261DAE17-60DC-4AB4-BF26-A51AFF116080} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29E0AAC5-FAE0-4FCB-9B20-C8ABE2B23AE8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B66A0E5-30CE-4277-981F-4E4FFED18137} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {639ED7D5-E3C2-42A7-B6C1-767404B22750} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80E2F3C2-A198-4882-848B-10EDF54D4E2C} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8FBE081C-22B1-48F3-ADFE-8E91E6E84225} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Zdeněk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-21] (ESET, spol. s r.o. -> ESET)
Task: {9D6E6CA2-9EF0-4478-828F-CAB6A66A5C12} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9E41D728-76D7-4204-B02A-5304C27AD03E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "62d36be7-20f4-43d1-8f01-9e5a078a490b" --version "6.10.10347" --silent
Task: {A7C47109-00D9-4B26-BB73-47E4E90C5A3C} - System32\Tasks\GoogleUpdateTaskMachineUA{69AF34C8-F2B8-4091-BE78-FFFD2D44F33A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2018-12-31] (Google Inc -> Google Inc.)
Task: {AB1D6259-3B4D-4E76-86CC-08C52A1D2022} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Zdeněk\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-12-21] (ESET, spol. s r.o. -> ESET)
Task: {ACDA1021-C2A3-4666-A671-645F0FC072D9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B626028F-8E51-4764-8B16-D7230AC0ADEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6290D37-19C0-4576-9726-D67A5A60FE35} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9D55709-3124-40BA-A0D3-F906548F7F8A} - System32\Tasks\CCleanerSkipUAC - Zdeněk => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DE8EADD0-1DD6-4EFD-8BF5-E3AD979DD6FC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5A7A569-2FF8-4A95-AE1F-73D1CD5C8A89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA35B478-A086-48C6-909B-883D1D22214C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD16FD2A-F7FA-405A-BD8D-D1386C2D0FBB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF553DEB-FA18-44EE-B58A-6913F36AB790} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{fc72edb7-76ca-4e03-bf5a-d95e557f6625}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Zdeněk\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-03]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default [2023-04-03]
CHR DownloadDir: C:\Users\Zdeněk\Desktop
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-13]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3644008 2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [505856 2018-05-02] (Intel Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2020-02-22] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2020-02-22] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d1bd230cd08e7436\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d1bd230cd08e7436\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [135296 2022-07-05] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-01-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-01-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_e64afe811c7e4662\e1d.sys [607400 2022-07-05] (Intel Corporation -> Intel Corporation)
S3 MpKsl0d4d46b4; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [211208 2023-04-03] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
S3 AppleLowerFilter; \SystemRoot\System32\drivers\AppleLowerFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-03 16:35 - 2023-04-03 16:36 - 000017719 _____ C:\Users\Zdeněk\Desktop\FRST.txt
2023-04-03 16:35 - 2023-04-03 16:35 - 002379776 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST64.exe
2023-04-03 16:35 - 2023-04-03 16:35 - 000000000 ____D C:\FRST
2023-04-02 16:44 - 2023-04-03 16:36 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2023-03-28 16:33 - 2023-03-28 16:33 - 000000000 ___HD C:\$WinREAgent
2023-03-13 10:17 - 2023-03-13 10:18 - 000000000 ____D C:\AdwCleaner

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-03 16:34 - 2018-12-31 10:30 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-03 16:33 - 2023-02-21 17:27 - 000001379 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-04-03 16:33 - 2022-12-21 17:06 - 000003862 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-04-03 16:33 - 2022-12-21 17:06 - 000003420 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-04-03 16:33 - 2020-01-06 13:06 - 000000000 ____D C:\Program Files\CCleaner
2023-04-03 16:33 - 2018-12-31 10:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-01 17:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-01 17:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-01 17:46 - 2020-09-03 20:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-01 17:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-01 17:40 - 2022-01-26 17:38 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-01 17:40 - 2019-12-07 16:43 - 000716762 _____ C:\WINDOWS\system32\perfh005.dat
2023-04-01 17:40 - 2019-12-07 16:43 - 000144940 _____ C:\WINDOWS\system32\perfc005.dat
2023-04-01 17:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-04-01 17:40 - 2018-12-31 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-01 17:39 - 2022-01-26 17:33 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-01 17:39 - 2022-01-26 17:33 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-01 17:33 - 2022-01-26 17:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-01 17:33 - 2022-01-26 17:29 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-28 18:26 - 2022-09-30 12:55 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-28 18:26 - 2022-01-26 17:29 - 000276720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-28 18:26 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-28 18:25 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-28 18:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-28 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-28 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-28 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-03-28 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-28 18:24 - 2022-01-26 17:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-28 16:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-28 16:46 - 2022-01-26 17:33 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-28 16:41 - 2018-12-31 10:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-03-28 16:37 - 2022-01-26 17:33 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-28 16:36 - 2022-10-17 16:11 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-03-28 16:32 - 2019-01-02 10:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-28 16:31 - 2019-01-02 10:07 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-21 16:53 - 2022-09-30 12:55 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-21 16:53 - 2022-01-26 17:33 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-21 16:53 - 2019-08-15 18:26 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\CrashDumps
2023-03-13 10:24 - 2021-11-07 12:25 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Webshare
2023-03-13 10:20 - 2023-02-06 18:00 - 000001831 _____ C:\Users\Zdeněk\Desktop\Webshare klient.lnk
2023-03-13 10:18 - 2022-07-05 11:36 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\IObit
2023-03-06 17:27 - 2019-01-02 11:27 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2021-03-28 10:28 - 2021-05-07 16:54 - 000012288 _____ () C:\Users\Zdeněk\AppData\Roaming\emp.bin
2022-05-22 07:59 - 2022-11-03 08:37 - 000003584 _____ () C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-09-17 16:27 - 2020-09-17 16:27 - 000000000 ___SH () C:\Users\Zdeněk\AppData\Local\LumaEmu
2019-09-02 17:38 - 2020-02-18 07:21 - 000007613 _____ () C:\Users\Zdeněk\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-04-2023
Ran by Zdeněk (03-04-2023 16:36:35)
Running from C:\Users\Zdeněk\Desktop
Microsoft Windows 10 Enterprise Version 22H2 19045.2728 (X64) (2022-01-26 15:33:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1331974727-954974268-3080333680-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1331974727-954974268-3080333680-503 - Limited - Disabled)
Guest (S-1-5-21-1331974727-954974268-3080333680-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1331974727-954974268-3080333680-504 - Limited - Disabled)
Zdeněk (S-1-5-21-1331974727-954974268-3080333680-1001 - Administrator - Enabled) => C:\Users\Zdeněk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.001.20093 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassins Creed III Remastered v.1.0 (HKLM-x32\...\Assassins Creed III Remastered_is1) (Version: - )
Assassins Creed Syndicate Gold Edition MULTi16 - ElAmigos verze 1.50 (HKLM-x32\...\{82D665BB-75EF-4B38-A7C5-7D687101F9C6}_is1) (Version: 1.50 - UBISoft)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Juarez: Gunslinger (HKLM-x32\...\2015389384_is1) (Version: 1.0.5 - GOG.com)
Call of Juarez® Gunslinger Czech (HKLM-x32\...\{C68D6AF3-D89B-4FA2-A13F-034758AB42BD}_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.10 - Piriform)
Cities: Skylines - ČEŠTINA (HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\Cities: Skylines - ČEŠTINA) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Days Gone (HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\FLT_Days Gone) (Version: - )
Detroit - Become Human version 0.0.0 (HKLM-x32\...\Detroit - Become Human_is1) (Version: 0.0.0 - Quantic Dream)
Dying Light: The Following – Enhanced Edition (HKLM-x32\...\1448452156_is1) (Version: 1.45.0 - GOG.com)
Far Cry 6 (HKLM-x32\...\{F5F27FBA-E8DD-4D10-A765-A4488EE2184E}_dixen18_is1) (Version: - dixen18)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.147 - Google LLC)
Homefront The Revolution (HKLM-x32\...\Homefront The Revolution_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{631C57C3-B765-4327-822A-057C34D691CC}) (Version: 10.1.17695.8086 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1828.12.0.1151 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{7C5D4C02-C5B3-4A31-BF22-74402E12538D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{B4233E49-2109-4346-B994-57E7AFFA5755}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{856F34DE-C785-4EAA-9E3E-752FA7E19701}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\{2B165F54-F534-4856-BA99-C796B94B7983}) (Version: 23.2.0.1006 - Intel) Hidden
Intel(R) Network Connections 23.2.0.1006 (HKLM\...\PROSetDX) (Version: 23.2.0.1006 - Intel)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{aa81bdf2-96a6-4400-a596-c7d1916ce9f7}) (Version: 1.50.369.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.62 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{086F0A5E-ED95-4036-BB82-07DA166C1259}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{AF1E3E65-2563-4A08-A66B-CC2B1A127E63}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 528.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Resident Evil 3 (HKLM-x32\...\{0AB12428-E09F-4BD2-8FC2-3721F6B0BDAA}) (Version: 1.0.0 - CAPCOM)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Tropico 6 (HKLM-x32\...\Tropico 6_is1) (Version: - )
Two Point Hospital Speedy Recovery (HKLM-x32\...\FLT_TPH) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.5 - VideoLAN)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-21] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2021-12-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d1bd230cd08e7436\nvshext.dll [2023-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-05-02 12:10 - 2018-05-02 12:10 - 000419328 ____R () [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\AdapterAgnt.DLL
2018-05-02 12:08 - 2018-05-02 12:08 - 001620480 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\CoreAgnt.dll
2018-05-02 12:09 - 2018-05-02 12:09 - 000411136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\Rule.DLL
2018-05-02 12:10 - 2018-05-02 12:10 - 000902144 ____R (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\Wired Networking\NCS2\Agent\VlanAgent.dll
2018-05-03 12:30 - 2018-05-03 12:30 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2018-05-02 12:07 - 2018-05-02 12:07 - 004749824 _____ (Intel(R) Corporation) [File not signed] C:\WINDOWS\SYSTEM32\NcsColib.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2022-08-31 17:14 - 000002281 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdeněk\Desktop\Island-Beach-2560x1600.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\StartupApproved\Run: => "SpyEmergency"
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1331974727-954974268-3080333680-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7AA757EF-0D7D-4820-A1A1-A10097F39949}E:\medal of honor - allied assault war chest\mohaa.exe] => (Block) E:\medal of honor - allied assault war chest\mohaa.exe => No File
FirewallRules: [TCP Query User{14BC9007-9A43-49B6-BA9C-0A5F6546ACEA}E:\medal of honor - allied assault war chest\mohaa.exe] => (Block) E:\medal of honor - allied assault war chest\mohaa.exe => No File
FirewallRules: [UDP Query User{06E845EA-6E73-40E3-9362-E7D43C20EBD4}E:\dying light\dyinglightgame.exe] => (Block) E:\dying light\dyinglightgame.exe (Techland S.A. -> Techland)
FirewallRules: [TCP Query User{6EA0FF99-EF89-47BF-925F-4078A4A681B5}E:\dying light\dyinglightgame.exe] => (Block) E:\dying light\dyinglightgame.exe (Techland S.A. -> Techland)
FirewallRules: [UDP Query User{7CBB64D1-AA70-4089-A687-E73A4FCDCDF5}E:\battlefield 4\bf4.exe] => (Block) E:\battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [TCP Query User{97AB3944-084F-475B-81E6-73FF8CE32D28}E:\battlefield 4\bf4.exe] => (Block) E:\battlefield 4\bf4.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{319288B8-A402-4EA4-AB61-785F757D2032}] => (Allow) E:\bat5\bfv.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{B8258F12-8A50-406B-8329-5A9766834FCF}] => (Allow) E:\bat5\bfv.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{332C831A-FB35-4672-A20F-02BAD06ABCED}] => (Allow) E:\bat5\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{260BDF5E-650D-4814-A876-CBC270BE2D71}] => (Allow) E:\bat5\bfvTrial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{6AA52CE5-A2D6-4FA1-A1B2-8AA7C6AD47CF}E:\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) E:\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{6C64E323-ACF8-4F05-99F3-219B8A115C66}E:\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) E:\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{395850B5-9877-48D9-B060-64DB276EFEC5}E:\zombie army 4 - dead war\bin\za4_vulkan.exe] => (Block) E:\zombie army 4 - dead war\bin\za4_vulkan.exe (Rebellion) [File not signed]
FirewallRules: [TCP Query User{7D0485EA-4CDB-4B76-BEC8-A4C8760CA989}E:\zombie army 4 - dead war\bin\za4_vulkan.exe] => (Block) E:\zombie army 4 - dead war\bin\za4_vulkan.exe (Rebellion) [File not signed]
FirewallRules: [{33BB5E7F-25F5-4FD7-82ED-76B71C7EBDFA}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7FCF5C76-9A6D-4069-B621-A7D1BDCEA307}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{D2AF486E-A044-4178-AB72-7FF55A986497}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{A3575A06-EAF6-4286-AF10-94578C24E506}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1BF384D8-526F-452B-A1FA-E5E3F5790F51}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0E87C132-6E00-424A-875F-238124344F21}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{9FA06D24-1024-4F68-909B-4591364E0305}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{FEF10CD6-FE40-4F3E-93F7-067A946DE69D}E:\age of empires iv dll\reliccardinal.exe] => (Block) E:\age of empires iv dll\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [UDP Query User{9BF562F1-4EFE-4E17-9A66-009CCD915410}E:\age of empires iv dll\reliccardinal.exe] => (Block) E:\age of empires iv dll\reliccardinal.exe (RELIC ENTERTAINMENT, INC. -> Relic Entertainment)
FirewallRules: [{28248242-44FC-40E9-BE66-816B3469C8BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{87F89E12-A7D7-4D94-8528-52EF84FE29A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{76B0B1DA-8E51-400C-BCFD-5C4A4CC1845C}E:\far cry 6\bin\farcry6.exe] => (Allow) E:\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [File not signed]
FirewallRules: [UDP Query User{52B3BC95-292D-421A-99FE-278547A52DDF}E:\far cry 6\bin\farcry6.exe] => (Allow) E:\far cry 6\bin\farcry6.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment) [File not signed]
FirewallRules: [TCP Query User{E6EDC9B1-DFC7-4601-9736-3FA5B654F617}E:\saints row\sr5\saintsrow.exe] => (Block) E:\saints row\sr5\saintsrow.exe => No File
FirewallRules: [UDP Query User{078434D5-DB48-4068-988A-53E8DC5BEEF0}E:\saints row\sr5\saintsrow.exe] => (Block) E:\saints row\sr5\saintsrow.exe => No File
FirewallRules: [TCP Query User{A823B3DF-F8B8-4627-AF06-620CCD05C1D9}E:\saints row\sr5\saintsrow_vulkan.exe] => (Block) E:\saints row\sr5\saintsrow_vulkan.exe => No File
FirewallRules: [UDP Query User{BFC6D131-1269-40CD-9C5F-25993EAE12C8}E:\saints row\sr5\saintsrow_vulkan.exe] => (Block) E:\saints row\sr5\saintsrow_vulkan.exe => No File
FirewallRules: [TCP Query User{531D47CB-819A-43A5-8AFB-8A3B5447FA3A}E:\saints row\sr5\saintsrow_dx12.exe] => (Block) E:\saints row\sr5\saintsrow_dx12.exe => No File
FirewallRules: [UDP Query User{AD65B834-6518-431B-AE67-6190E6466E6E}E:\saints row\sr5\saintsrow_dx12.exe] => (Block) E:\saints row\sr5\saintsrow_dx12.exe => No File
FirewallRules: [TCP Query User{07EAA3C0-4B71-4F1C-90FB-7513C97AFC16}E:\battlefield 4\bf4_x86.exe] => (Block) E:\battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [UDP Query User{794F81EF-FCAC-423D-800A-9C644C7699C4}E:\battlefield 4\bf4_x86.exe] => (Block) E:\battlefield 4\bf4_x86.exe (EA Digital Illusions CE AB) [File not signed]
FirewallRules: [{DDFB181B-42E2-4FC4-8437-E357BC790E87}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BE9BB2D0-38BF-4B44-8616-4BB6D049A4BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{125A7B3E-D5C0-4028-A47E-CA8CD0DE0916}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BDFAAE9D-4AD3-42F6-AA86-6A1399FA2C52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{7DA971EC-E092-40AE-A02D-A10FC037B975}E:\assassins creed iii remastered\aciii.exe] => (Block) E:\assassins creed iii remastered\aciii.exe (Ubisoft Entertainment -> )
FirewallRules: [UDP Query User{16055DB7-9BFE-4A45-B5E6-8F0CEF3308EA}E:\assassins creed iii remastered\aciii.exe] => (Block) E:\assassins creed iii remastered\aciii.exe (Ubisoft Entertainment -> )
FirewallRules: [TCP Query User{607E3CF2-0426-4A4F-A721-46E5CA965CA4}E:\homefront the revolution\bin64\homefront2_release.exe] => (Block) E:\homefront the revolution\bin64\homefront2_release.exe (Dambuster Studios) [File not signed]
FirewallRules: [UDP Query User{10F49AF4-C9AC-4722-83A0-3C35C3E27C53}E:\homefront the revolution\bin64\homefront2_release.exe] => (Block) E:\homefront the revolution\bin64\homefront2_release.exe (Dambuster Studios) [File not signed]
FirewallRules: [TCP Query User{B2827811-6C0A-484C-9CB0-52204E50D4F8}E:\planet zoo\planetzoo.exe] => (Block) E:\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{73283E38-9CAB-4538-A325-1E5B060D0432}E:\planet zoo\planetzoo.exe] => (Block) E:\planet zoo\planetzoo.exe => No File
FirewallRules: [{E282FE9C-C2E0-4351-A46E-D015459E08D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8ADD7F40-AC17-4AE1-9FFE-391C89005776}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

28-03-2023 16:32:52 Instalační služba modulů systému Windows
28-03-2023 16:34:14 Windows Zálohování
28-03-2023 16:38:03 Instalační služba modulů systému Windows
03-04-2023 16:36:54 Windows Zálohování

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2023 05:06:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Záloha (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/28/2023 04:45:00 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zálohování nebylo úspěšné. Chyba: Operace nebyla úspěšně dokončena, protože soubor obsahuje virus nebo potenciálně nežádoucí software. (0x800700E1).

Error: (03/21/2023 04:53:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.2546, časové razítko: 0x8ddd4305
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x72a277d0
ID chybujícího procesu: 0x734
Čas spuštění chybující aplikace: 0x01d95c04f5843da2
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: c828ce36-65d7-4545-ab8d-9fa7e1de63ed
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/13/2023 10:20:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Webshare klient.exe verze 8.6.2.4 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 12d0

Čas spuštění: 01d9558485bd5768

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Webshare klient\Webshare klient.exe

ID hlášení: 2177af85-f5f8-4547-ad7e-c17edd9b6fc6

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (03/02/2023 05:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.2546, časové razítko: 0x8ddd4305
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x731877d0
ID chybujícího procesu: 0x18c4
Čas spuštění chybující aplikace: 0x01d94d1846c1855e
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a64ce298-2faa-48a6-b74b-07646b885796
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/15/2023 04:14:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Záloha (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/15/2023 04:05:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACS.exe, verze: 0.0.0.0, časové razítko: 0x57b2e43b
Název chybujícího modulu: ACS.exe, verze: 0.0.0.0, časové razítko: 0x57b2e43b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000023259e2
ID chybujícího procesu: 0x1418
Čas spuštění chybující aplikace: 0x01d94139be771c4a
Cesta k chybující aplikaci: E:\Assassins Creed Syndicate\ACS.exe
Cesta k chybujícímu modulu: E:\Assassins Creed Syndicate\ACS.exe
ID zprávy: fc2dad4a-1818-4180-a7c4-46f64c0d2482
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2023 05:58:26 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.


System errors:
=============
Error: (03/28/2023 04:44:53 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume83 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:44:53 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume83 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:45 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume81 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:45 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume81 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:25 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume70 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:25 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume70 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:25 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume70 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/28/2023 04:40:25 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume70 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.


Windows Defender:
================
Date: 2023-04-03 16:37:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\Device\HarddiskVolumeShadowCopy14\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.385.1937.0, AS: 1.385.1937.0, NIS: 1.385.1937.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-04-01 17:51:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19E44C29-BE43-48F7-A5A4-4A8E617FA683}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-28 18:25:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1D47B6DF-E69D-4F2D-A07E-733830A24B57}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-QJEFONI\Zdeněk

Date: 2023-03-28 16:39:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_\Device\HarddiskVolumeShadowCopy21\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.385.883.0, AS: 1.385.883.0, NIS: 1.385.883.0
Verze modulu: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-01-31 17:17:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4FA7CB91-8E3B-4FAD-BF05-B28856992D47}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-11-21 04:15:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.379.184.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x80246007
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2022-11-21 04:15:21
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.379.684.0
Předchozí verze bezpečnostních informací: 1.379.184.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19800.4
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x800705aa
Popis chyby: K dokončení požadované služby není k dispozici dostatek prostředků.

Date: 2022-11-21 04:15:21
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.379.684.0
Předchozí verze bezpečnostních informací: 1.379.184.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19800.4
Předchozí verze modulu: 1.1.19800.4
Kód chyby: 0x800705aa
Popis chyby: K dokončení požadované služby není k dispozici dostatek prostředků.

CodeIntegrity:
===============
Date: 2023-04-01 17:50:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-23 14:59:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume7\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-13 17:14:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.10 08/22/2018
Motherboard: Micro-Star International Co., Ltd. MPG Z390 GAMING PLUS (MS-7B51)
Processor: Intel(R) Core(TM) i5-9600K CPU @ 3.70GHz
Percentage of memory in use: 30%
Total physical RAM: 16323.55 MB
Available physical RAM: 11301.34 MB
Total Virtual: 26563.55 MB
Available Virtual: 19294.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:156.53 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: (Záloha) (Fixed) (Total:931.51 GB) (Free:327.01 GB) (Model: WDC WD10EZEX-22MFCA0) NTFS
Drive e: (Games) (Fixed) (Total:931.5 GB) (Free:105.23 GB) (Model: SAMSUNG HD642JJ) NTFS

\\?\Volume{d3e16997-6aa7-4d89-a675-b825a91508da}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.03 GB) NTFS
\\?\Volume{e6a644e5-e696-4aa9-b80d-d1faf7634f2d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 75A66AF1)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15215
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a preventive check

#2 Post by JaRon »

FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: Request for a preventive check

#3 Post by goffy1985 »

Attachment: a.jpg (27.54 KiB)

JaRon
Moderator
Posts: 15215
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a preventive check

#4 Post by JaRon »

Norton didn't pick that one right :D
Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
If the file exists, test it at www.virustotal.com

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: Request for a preventive check

#5 Post by goffy1985 »

At least it tried :D
I didn't find it :roll:

JaRon
Moderator
Posts: 15215
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a preventive check

#6 Post by JaRon »

Apart from the file mentioned, I don't see anything serious.
As a precaution, you can run a scan with AdwCleaner.

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: Request for a preventive check

#7 Post by goffy1985 »

The cleaner didn't find anything either... I thought it would be worse :?: :D so many thanks :offtopic:

JaRon
Moderator
Posts: 15215
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Request for a preventive check

#8 Post by JaRon »

You're welcome :)
