Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosba o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Zemos
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 15 bře 2015 13:17

Prosba o preventivní kontrolu

#1 Příspěvek od Zemos »

Dobrý večer,
s PC není nějaký větší problém, ale při otevření prohlížeče trvá delší načítání stránek a internet v PC je pomalejší. (na telefonu a jiném PC jede v pohodě)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2023
Ran by Petr (administrator) on DESKTOP-1BAQ5EU (Acer Aspire A515-51) (14-04-2023 23:05:02)
Running from C:\Users\Petr\Downloads\FRST64 (1).exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <7>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCopyAccelerator.exe
(Discord Inc. -> Discord Inc.) C:\Users\Petr\AppData\Local\Discord\app-1.0.9012\Discord.exe <6>
(DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxEM.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <72>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.066.0326.0005\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631048 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Spotify] => C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe [20434296 2023-04-11] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Steam] => D:\steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37131216 2023-03-29] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.49\Installer\chrmstp.exe [2023-04-05] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C16292-9E23-4921-9CB0-B7DE2B34A23C} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1303F716-E4F6-4BCD-8BE1-D58289BFF25B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {22B5555B-A270-4FB0-BE80-E16859EBE10C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fc89cfbf-5b9d-46a6-9de8-ce21ebf636d4" --version "6.10.10347" --silent
Task: {236DDBA3-AA68-4539-A9F9-6417ED920A99} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {63A5EAAE-EB7A-4911-9A50-10D1F1F4CA14} - System32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
Task: {68FA1095-BB39-43BF-B85B-656FE2FD03E9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {80084446-280A-42F4-A59A-04ACB4525B5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8869EE3D-5703-4949-82FC-E1E4E3840FA2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BA58C72-838D-430D-BEF8-B7B0E16FEA63} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4301357-055E-473C-990B-4283041CE710} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9BDFD0C-6FC6-49FE-B535-7F27616D6F29} - System32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
Task: {B068ADF0-4517-4166-9AC4-271E83F04170} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [995824 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2A3D5E8-315F-442A-B780-CFEA08D9D153} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9EF2684-6CA8-44DB-A22E-91BD4F06978A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2283F98-4262-4AD3-B551-0EEEBF4BE6DF} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E5D44A9F-1E1B-4E44-8744-A4F6F8C68BFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E6D991A8-01BD-44DA-8A0B-E10E70951062} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3530969050-2372270893-3854167380-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED0AF8F2-4FB9-4127-BA05-7B86002AAABE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F7832656-FC4B-46E3-B100-6A69C8B6A8DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{084b3ecf-bd7b-4d68-a506-ccf67c42b42c}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{443571c0-20bc-43ed-b2f9-caf383bf0861}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-03-02]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2023-04-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-11]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-21]
CHR Extension: (Hlídač Shopů) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-03-25]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-04-14]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-04-14]
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Extension: (Bulk Media Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehfdcgbfcboceiclmjaofdannmjdeaoi [2023-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-13]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-11]
CHR Extension: (Turbo Download Manager (Classic)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kemfccojgjoilhfmcblgimbggikekjip [2023-02-09]
CHR Extension: (Momentum) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2023-04-13]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mceplokdebjaneacdmhgacicphdkenab [2022-12-19]
CHR Extension: (MetaMask) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-28]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2023-04-14]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1072440 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-11] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncHelper.exe [3420040 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe [75216 2023-03-18] (Microsoft Corporation -> )
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_10.75.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [75216 2023-03-18] (Microsoft Corporation -> )
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2023-02-17] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9098608 2023-04-13] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.066.0326.0005\OneDriveUpdaterService.exe [3805576 2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl4f69acae; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9A9E2153-F414-4132-A6E6-F08946D41DD7}\MpKslDrv.sys [211208 2023-04-14] (Microsoft Windows -> Microsoft Corporation)
S3 qcfilter; C:\WINDOWS\system32\DRIVERS\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) [File not signed]
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
U5 RegDeleteEx; C:\WINDOWS\system32\drivers\RegDeleteEx.sys [24920 2022-12-11] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [177752 2022-10-10] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [497920 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-14 23:10 - 2023-04-14 23:10 - 000164301 _____ C:\Users\Petr\Downloads\potvrzeni_sjednani.zip
2023-04-14 23:03 - 2023-04-14 23:03 - 002380288 _____ (Farbar) C:\Users\Petr\Downloads\FRST64 (1).exe
2023-04-13 14:35 - 2023-04-13 14:35 - 000000000 ___HD C:\$WinREAgent
2023-04-12 22:09 - 2023-04-12 22:09 - 000159959 _____ C:\Users\Petr\Downloads\informace_pro_zajemce_o_pojisteni.pdf
2023-04-12 22:08 - 2023-04-12 22:08 - 000080618 _____ C:\Users\Petr\Downloads\zakladni_informace_o_produktu_IPID.pdf
2023-03-29 18:20 - 2023-03-29 18:20 - 000000000 ____D C:\Program Files\Epic Games
2023-03-29 18:12 - 2023-03-29 18:12 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2023-03-29 18:05 - 2023-03-29 18:12 - 000000000 ____D C:\Users\Petr\AppData\Local\UnrealEngine
2023-03-29 18:05 - 2023-03-29 18:05 - 000000000 ____D C:\Users\Petr\AppData\Local\UnrealEngineLauncher
2023-03-29 18:05 - 2023-03-29 18:05 - 000000000 ____D C:\Users\Petr\AppData\Local\EpicGamesLauncher
2023-03-29 18:05 - 2023-03-29 18:05 - 000000000 ____D C:\Users\Petr\AppData\Local\Epic Games
2023-03-29 18:03 - 2023-03-29 18:12 - 000000000 ____D C:\ProgramData\Epic
2023-03-29 18:03 - 2023-03-29 18:04 - 000000000 ____D C:\Program Files (x86)\Epic Games
2023-03-29 18:03 - 2023-03-29 18:03 - 000001258 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2023-03-29 18:02 - 2023-03-29 18:03 - 161464320 _____ C:\Users\Petr\Downloads\EpicInstaller-14.6.2-fortnite.msi
2023-03-18 04:29 - 2023-03-18 04:29 - 000147456 _____ C:\Users\Petr\Downloads\catchme.exe
2023-03-18 04:14 - 2023-03-18 02:15 - 000000098 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old
2023-03-18 04:10 - 2023-03-18 04:19 - 000000252 _____ C:\WINDOWS\ntbtlog.txt
2023-03-18 04:10 - 2023-03-18 04:10 - 000380928 _____ C:\Users\Petr\Downloads\3dijn8ub.exe
2023-03-18 04:04 - 2023-03-18 04:06 - 000000000 ____D C:\Users\Petr\AppData\Local\UnHackMe
2023-03-18 04:03 - 2023-03-18 04:28 - 000000000 ____D C:\Program Files (x86)\UnHackMe
2023-03-18 04:03 - 2023-03-18 04:06 - 000000000 ____D C:\Users\Public\Documents\RegRunInfo
2023-03-18 04:02 - 2023-03-18 04:02 - 045664319 _____ C:\Users\Petr\Downloads\unhackme.zip
2023-03-18 04:01 - 2023-03-18 04:01 - 002496143 _____ C:\Users\Petr\Downloads\IceSword.exe
2023-03-18 04:01 - 2023-03-18 04:01 - 000000000 ____D C:\Users\Petr\Downloads\Nová složka
2023-03-18 04:00 - 2007-07-10 17:26 - 000000000 ____D C:\Users\Petr\Downloads\IceSword122en
2023-03-18 03:59 - 2023-03-18 03:59 - 002205157 _____ C:\Users\Petr\Downloads\IceSword122en.zip
2023-03-18 03:58 - 2023-03-18 03:58 - 001805240 _____ ( ) C:\Users\Petr\Downloads\icesword-1.22-installer_YUeU-p1.exe
2023-03-18 03:57 - 2023-03-18 03:59 - 002205157 _____ C:\Users\Petr\Downloads\icesword-1.22-installer.exe
2023-03-18 03:38 - 2023-03-18 03:41 - 000000000 ____D C:\Users\Petr\AppData\Local\NPE
2023-03-18 03:38 - 2023-03-18 03:38 - 016995528 _____ (NortonLifeLock Inc.) C:\Users\Petr\Downloads\NPE.exe
2023-03-18 03:38 - 2023-03-18 03:38 - 000000000 ____D C:\ProgramData\Norton
2023-03-18 03:15 - 2023-03-18 03:15 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2023-03-18 03:15 - 2023-03-18 03:15 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2023-03-18 02:14 - 2023-03-18 02:14 - 000000000 ____D C:\_OTL
2023-03-18 02:12 - 2023-03-18 02:12 - 000602112 _____ (OldTimer Tools) C:\Users\Petr\Downloads\OTL.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-14 23:06 - 2023-02-04 02:44 - 000024565 _____ C:\Users\Petr\Downloads\FRST.txt
2023-04-14 23:06 - 2023-02-04 02:44 - 000000000 ____D C:\FRST
2023-04-14 22:43 - 2022-10-21 20:20 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-14 22:41 - 2022-10-20 23:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-14 22:25 - 2022-12-27 17:50 - 000000000 ____D C:\Users\Petr\AppData\Local\Discord
2023-04-14 21:45 - 2022-12-01 23:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Spotify
2023-04-14 21:29 - 2022-10-27 20:37 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-14 21:20 - 2022-10-28 02:12 - 000000000 ____D C:\Program Files\CCleaner
2023-04-14 21:20 - 2022-10-27 22:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-04-14 21:20 - 2022-10-27 20:48 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-04-14 21:20 - 2022-10-27 20:48 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-14 21:20 - 2022-10-20 22:44 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3530969050-2372270893-3854167380-1001
2023-04-14 21:17 - 2022-12-01 23:24 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2023-04-14 21:17 - 2022-10-20 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-13 14:49 - 2022-10-20 23:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-13 14:35 - 2022-10-20 22:43 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2023-04-13 14:33 - 2022-10-20 22:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-13 14:32 - 2022-10-20 23:09 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-13 14:32 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-13 14:30 - 2022-10-20 22:56 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-13 14:25 - 2022-11-19 16:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\discord
2023-04-13 14:25 - 2022-10-20 22:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-13 14:24 - 2018-08-07 10:59 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2023-04-12 19:36 - 2022-10-20 22:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-12 19:36 - 2020-08-29 04:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-11 21:38 - 2022-12-27 17:50 - 000002226 _____ C:\Users\Petr\Desktop\Discord.lnk
2023-04-11 19:38 - 2022-10-21 20:20 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76}
2023-04-11 19:38 - 2022-10-21 20:20 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715}
2023-04-11 19:29 - 2022-10-20 22:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-11 19:29 - 2022-10-20 22:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-05 23:26 - 2022-10-21 20:21 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-05 23:26 - 2022-10-21 20:21 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-29 18:11 - 2022-10-28 00:52 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-29 18:03 - 2018-09-29 16:23 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-03-25 18:16 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-03-25 18:12 - 2022-10-28 02:12 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-18 05:33 - 2022-10-20 22:27 - 000000000 ____D C:\Users\Petr
2023-03-18 04:33 - 2022-10-20 23:11 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-18 04:33 - 2022-10-20 23:11 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-18 04:33 - 2022-10-20 23:08 - 000000000 ____D C:\WINDOWS\INF
2023-03-18 04:33 - 2022-10-20 22:37 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-18 04:26 - 2022-12-04 21:25 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2023-03-18 04:26 - 2022-10-20 22:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-18 04:26 - 2020-10-17 02:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-18 03:47 - 2022-10-20 23:05 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-18 03:15 - 2022-11-12 03:03 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-03-18 03:15 - 2022-10-28 02:12 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-18 03:15 - 2022-10-20 23:09 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-03-18 03:15 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\SystemResources
2023-03-18 03:15 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-03-18 03:15 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-03-18 03:15 - 2022-10-20 22:21 - 000441560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-03-18 02:38 - 2022-10-20 22:26 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-03-18 02:04 - 2022-10-28 02:12 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-18 01:57 - 2022-11-19 17:12 - 002786768 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000476624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000202192 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000165328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-03-18 01:57 - 2022-11-19 17:12 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-03-18 01:57 - 2022-11-19 17:12 - 000062928 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-03-18 01:57 - 2022-10-20 22:41 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages

==================== Files in the root of some directories ========

2020-10-07 12:39 - 2020-10-07 12:40 - 000050741 _____ () C:\Users\Petr\ntuserdirect_MyManager.dat
2022-12-27 17:54 - 2022-12-31 20:33 - 000000128 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2023
Ran by Petr (14-04-2023 23:12:25)
Running from C:\Users\Petr\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2728 (X64) (2022-10-20 20:41:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3530969050-2372270893-3854167380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3530969050-2372270893-3854167380-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3530969050-2372270893-3854167380-1000 - Limited - Disabled)
Guest (S-1-5-21-3530969050-2372270893-3854167380-501 - Limited - Disabled)
Petr (S-1-5-21-3530969050-2372270893-3854167380-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3530969050-2372270893-3854167380-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 6.10 - Piriform)
Discord (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.49 - Google LLC)
Intel® Hardware Accelerated Execution Manager (HKLM\...\HAXM) (Version: 7.6.5 - Intel Corporation)
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.26.259 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.26.259 - Malwarebytes)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16130.20332 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.39 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.066.0326.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.7 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Spotify) (Version: 1.2.8.923.g4f94bf0d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WinSCP 5.21.6 (HKLM-x32\...\winscp3_is1) (Version: 5.21.6 - Martin Prikryl)

Packages:
=========
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Terminál Windows Preview -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminalPreview_1.17.10234.0_x64__8wekyb3d8bbwe [2023-01-27] (Microsoft Corporation) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.1204.1918.76_neutral__8wekyb3d8bbwe [2022-12-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Petr\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-11-08] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.066.0326.0005\FileSyncShell64.dll [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxDTCM.dll [2019-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\Toolkit.lnk -> C:\Program Files (x86)\ADB and Fastboot++\Toolkit.bat (No File)
ShortcutWithArgument: C:\Users\Petr\Desktop\Petr (Osoba 1) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\sharepoint.com -> hxxps://olphschool-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-10-20 23:09 - 2023-03-18 04:28 - 000000005 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-12-04 21:30 - 2022-12-04 21:30 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.21.48.1 DESKTOP-1BAQ5EU.mshome.net # 2027 12 5 3 19 30 47 604

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Petr\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\pltool;C:\Program Files (x86)\ADB and Fastboot++;
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\Desktop\72081322_149251539656589_3146703180914491392_o.jpg
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{28A88EC3-4D7F-4452-9BFD-878011B9BA62}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9DF10D7E-4BE2-407A-A5C7-FCBDEB65467B}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{43E21E59-5081-4C0A-A53B-0509F2757BD9}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A5158004-C286-45F6-8968-915F56CA6D53}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{838BEBC1-E348-420A-A0F8-BBB7743A50E2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1E84E632-FFAF-4436-9056-DA9B94C9990B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{F7BDCA49-3E38-41D9-9E98-97D1B641A3DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{98ED6028-1206-46A6-9BA2-2F73CCC68FFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{83AB1B24-A16B-4F21-BCBF-D3731AE13551}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{21682F02-07D7-4485-B30D-13D557F49206}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{11AF93FE-5A54-4A91-B00B-0F50555A62C5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{80865D32-5975-4358-86C5-4C987DD09324}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D337C1D8-D219-4543-BFA8-3DECFD6351CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A807769F-00E7-4339-A048-10B877FD7D77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FEE0931F-1496-49ED-85FC-C1D6BF46AA3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0948B9F7-EEEA-4DF7-A5D2-C896C74CF8AC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE9FDF17-C58C-410D-AF43-18C9C4376785}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

29-03-2023 18:03:54 Nainstalováno rozhraní DirectX
13-04-2023 14:35:32 Instalační služba modulů systému Windows
13-04-2023 14:37:17 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Detection Verification
Description: Detection Verification
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/13/2023 02:37:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (04/13/2023 02:35:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (04/05/2023 06:26:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program PhoneExperienceHost.exe verze 1.23012.167.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 32e0

Čas spuštění: 01d967db02e80f7b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe

ID hlášení: 3bb91088-b4e7-43bd-872e-b4add9f3becd

Úplný název balíčku s chybou: Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/29/2023 06:03:59 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Spyware Terminator Driver Filter.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (03/18/2023 03:47:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/18/2023 03:47:09 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/18/2023 03:42:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/18/2023 03:42:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (04/12/2023 10:54:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 10:54:08 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2023-04-14 23:12:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Gmer
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Petr\Downloads\3dijn8ub.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1BAQ5EU\Petr
Název procesu: C:\Users\Petr\Downloads\FRST64 (1).exe
Verze bezpečnostních informací: AV: 1.387.968.0, AS: 1.387.968.0, NIS: 1.387.968.0
Verze modulu: AM: 1.1.20200.4, NIS: 1.1.20200.4

Date: 2023-04-13 14:35:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {36F6AC02-0660-4D0E-860B-BE69D367D97F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-05 20:40:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {02F8D360-397C-4051-B69E-6A9C57F88CEE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-05 19:57:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {73C735AA-096E-4EF9-811F-7AB36F55B9E8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-05 19:18:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8FF95D2A-59B3-4705-817E-41254328E857}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-04-13 14:35:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-05 18:28:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-19 17:51:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-19 13:23:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V2.02 01/03/2019
Motherboard: KBL Charmander_KL
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 93%
Total physical RAM: 8067.6 MB
Available physical RAM: 545.68 MB
Total Virtual: 13443.6 MB
Available Virtual: 2444.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.75 GB) (Free:71.7 GB) (Model: WDC WDS250G2B0B-00YS70) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.01 GB) (Free:899.04 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS

\\?\Volume{56ef905f-6532-47a9-ab14-e865b1ea6fe0}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{b4862920-2841-450b-8335-e4f0185c8b25}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{9e9cdc99-12e4-4675-bd90-c9e45a54424b}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
\\?\Volume{90784aba-de4d-44f6-9279-f9f9693be6e5}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 464FED47)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosba o preventivní kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {63A5EAAE-EB7A-4911-9A50-10D1F1F4CA14} - System32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
Task: {A9BDFD0C-6FC6-49FE-B535-7F27616D6F29} - System32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715}
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Petr\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\Toolkit.lnk -> C:\Program Files (x86)\ADB and Fastboot++\Toolkit.bat (No File)
C:\Users\Petr\Downloads\3dijn8ub.exe

EmptyTemp:
End
Uložte do C:\Users\Petr\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zemos
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 15 bře 2015 13:17

Re: Prosba o preventivní kontrolu

#3 Příspěvek od Zemos »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-04-2023
Ran by Petr (29-04-2023 20:30:28) Run:1
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {63A5EAAE-EB7A-4911-9A50-10D1F1F4CA14} - System32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
Task: {A9BDFD0C-6FC6-49FE-B535-7F27616D6F29} - System32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-21] (Google LLC -> Google LLC)
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715}
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\Petr\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\ADB & Fastboot++.lnk -> C:\Program Files (x86)\ADB and Fastboot++\OpenCMD.bat (No File)
Shortcut: C:\Users\Public\Desktop\Toolkit.lnk -> C:\Program Files (x86)\ADB and Fastboot++\Toolkit.bat (No File)
C:\Users\Petr\Downloads\3dijn8ub.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63A5EAAE-EB7A-4911-9A50-10D1F1F4CA14}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A5EAAE-EB7A-4911-9A50-10D1F1F4CA14}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9BDFD0C-6FC6-49FE-B535-7F27616D6F29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9BDFD0C-6FC6-49FE-B535-7F27616D6F29}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715}" => removed successfully
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully
Partizan => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{80424E2F-DC36-45C8-8775-E52CB2786E76}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3B68CDC8-7166-4E82-B9DB-32AFB55B4715}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADB & Fastboot++.lnk => moved successfully
C:\Users\Public\Desktop\ADB & Fastboot++.lnk => moved successfully
C:\Users\Public\Desktop\Toolkit.lnk => moved successfully
"C:\Users\Petr\Downloads\3dijn8ub.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23429055 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 705348380 B
Windows/system/drivers => 68833460 B
Edge => 0 B
Chrome => 1138048980 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 145509 B
systemprofile32 => 145888 B
LocalService => 192642 B
NetworkService => 272692 B
Petr => 35667368 B

RecycleBin => 0 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-04-2023 20:32:17)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:32:17 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosba o preventivní kontrolu

#4 Příspěvek od JaRon »

Vloz aktualne logy FRST
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zemos
Návštěvník
Návštěvník
Příspěvky: 78
Registrován: 15 bře 2015 13:17

Re: Prosba o preventivní kontrolu

#5 Příspěvek od Zemos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2023
Ran by Petr (administrator) on DESKTOP-1BAQ5EU (Acer Aspire A515-51) (09-05-2023 14:36:19)
Running from C:\Users\Petr\Downloads\FRST64.exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe <2>
(DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_11.76.5001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.51253.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21422.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (No File)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602360 2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Petr\AppData\Local\Microsoft\Teams\Update.exe [2585920 2022-11-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Spotify] => C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe [20475768 2023-04-29] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Steam] => D:\steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\Update.exe [1525016 2022-12-09] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37123024 2023-05-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [MicrosoftEdgeAutoLaunch_88D36A2D9DF9AF2106D8CF7538FE64F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152224 2023-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.140\Installer\chrmstp.exe [2023-05-09] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05C16292-9E23-4921-9CB0-B7DE2B34A23C} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {0EA4FFF3-64A9-421B-B956-D1A8B603470A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1FED4295-3C2A-4754-A054-0B603A0D7DB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {236DDBA3-AA68-4539-A9F9-6417ED920A99} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {25CCB1DE-586E-43FB-BAFA-25085B3AD43F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2BF307EF-F0E1-40FD-9015-6C2BF3AD32F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44FC47AD-4DC5-49FC-858B-5E93A28D7A2B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6946D15E-398F-4C17-A332-EE552EFD256D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {7403D0E4-7115-45FE-A617-78691F0B3ACB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513320 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A6BC5E5-53D7-4904-A6C7-3715C5F2451E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B068ADF0-4517-4166-9AC4-271E83F04170} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [964552 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4469C6D-0F46-475A-B548-D1F0B01912DD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "fc89cfbf-5b9d-46a6-9de8-ce21ebf636d4" --version "6.11.10455" --silent
Task: {E2283F98-4262-4AD3-B551-0EEEBF4BE6DF} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E6D991A8-01BD-44DA-8A0B-E10E70951062} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3530969050-2372270893-3854167380-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196784 2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E770D8CA-58BD-4B9E-84B3-578960E46C5C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513320 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECF375FD-29BA-4363-8BFF-1BE7E9A46F2A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA0CD947-BBB8-48CB-A12A-F0ACC57B15FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{084b3ecf-bd7b-4d68-a506-ccf67c42b42c}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{443571c0-20bc-43ed-b2f9-caf383bf0861}: [DhcpNameServer] 192.168.31.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-09]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-05-08]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2023-05-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-26]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-21]
CHR Extension: (Hlídač Shopů) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-03-25]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-08]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-05-01]
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Extension: (Bulk Media Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehfdcgbfcboceiclmjaofdannmjdeaoi [2023-02-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-27]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-04-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-13]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-11]
CHR Extension: (Turbo Download Manager (Classic)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kemfccojgjoilhfmcblgimbggikekjip [2023-02-09]
CHR Extension: (Momentum) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2023-04-27]
CHR Extension: (Aliexpress SuperStar česky, Historie cen a koruny) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mceplokdebjaneacdmhgacicphdkenab [2022-12-19]
CHR Extension: (MetaMask) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-04-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-28]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-05]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749288 2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-02-10] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncHelper.exe [3445120 2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [393216 2023-04-13] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-05-08] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.081.0416.0001\OneDriveUpdaterService.exe [3781512 2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl9ab58b4d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DB742412-4474-48F0-886A-D7EEFA177D5A}\MpKslDrv.sys [212264 2023-05-09] (Microsoft Windows -> Microsoft Corporation)
S3 qcfilter; C:\WINDOWS\system32\DRIVERS\qcusbfilter.sys [40448 2014-05-23] (QUALCOMM Incorporated) [File not signed]
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
U5 RegDeleteEx; C:\WINDOWS\system32\drivers\RegDeleteEx.sys [24920 2022-12-11] (NoVirusThanks Company Srl -> NoVirusThanks Company Srl)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [177752 2022-10-10] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-08 22:16 - 2023-05-08 22:17 - 000000000 ____D C:\Users\Petr\AppData\Local\Malwarebytes
2023-04-30 12:29 - 2023-04-30 12:29 - 000001345 _____ C:\Users\Petr\Downloads\Přiznání k DPFO vz. 28, 2022 řádné EP - Lenka Krejcarová.xml
2023-04-30 01:31 - 2023-04-30 01:31 - 000006673 _____ C:\Users\Petr\Downloads\model.bbmodel
2023-04-30 01:26 - 2023-04-30 01:55 - 000039912 _____ C:\Users\Petr\Documents\resource pack.zip
2023-04-30 01:18 - 2023-04-30 01:18 - 000092931 _____ C:\Users\Petr\Downloads\devil-girl-blockbench.zip
2023-04-30 01:04 - 2023-04-30 01:05 - 001638773 _____ C:\Users\Petr\Downloads\Model-Engine-Demo-R3.1.7.jar
2023-04-30 01:02 - 2023-04-30 01:03 - 014468939 _____ C:\Users\Petr\Downloads\MythicMobs-5.2.6.jar
2023-04-30 00:40 - 2023-04-30 00:40 - 000902425 _____ C:\Users\Petr\Downloads\HolographicDisplays.jar
2023-04-30 00:14 - 2023-04-30 00:14 - 007389211 _____ C:\Users\Petr\Downloads\AuthMe-5.6.0-beta2.jar
2023-04-30 00:04 - 2023-01-29 00:21 - 000001085 _____ C:\Users\Petr\Desktop\.htaccess1
2023-04-29 23:36 - 2023-04-29 23:37 - 005652796 _____ C:\Users\Petr\Downloads\Nameless-2.0.3.zip
2023-04-29 22:34 - 2023-04-29 22:35 - 013444238 _____ C:\Users\Petr\Downloads\nameless-deps-dist (2).zip
2023-04-29 22:18 - 2023-04-29 22:18 - 000507811 _____ C:\Users\Petr\Downloads\Minetrax-1.0.7-alpha (2).jar
2023-04-29 22:08 - 2023-04-29 21:00 - 000001254 _____ C:\Users\Petr\Documents\.htaccess
2023-04-29 21:41 - 2023-04-29 21:41 - 000271797 _____ C:\Users\Petr\Downloads\Blue-Stats-Minecraft-master.zip
2023-04-29 21:33 - 2023-04-29 21:33 - 000033032 _____ C:\Users\Petr\Downloads\Minecraft-web-template-main.zip
2023-04-29 21:29 - 2023-04-29 21:30 - 033190102 _____ C:\Users\Petr\Downloads\Multipage-Minecraft-Website-master.zip
2023-04-29 21:02 - 2023-04-29 21:02 - 000000000 ____D C:\Users\Petr\Downloads\herocraft-webcms-master
2023-04-29 21:00 - 2023-04-29 21:14 - 000000535 _____ C:\Users\Petr\Desktop\index.php
2023-04-29 20:51 - 2023-04-29 20:51 - 006304117 _____ C:\Users\Petr\Downloads\herocraft-webcms-master.zip
2023-04-29 20:47 - 2023-04-29 20:47 - 003042396 _____ C:\Users\Petr\Downloads\EssentialsX-2.20.0-dev+58-84fd45b.jar
2023-04-29 20:32 - 2023-04-29 20:32 - 000000008 _____ C:\ProgramData\ntuser.pol
2023-04-29 20:30 - 2023-05-09 14:36 - 000000000 ____D C:\Users\Petr\Downloads\FRST-OlderVersion
2023-04-29 20:30 - 2023-04-29 20:32 - 000005518 _____ C:\Users\Petr\Downloads\Fixlog.txt
2023-04-27 19:07 - 2023-04-27 19:08 - 003677569 _____ C:\Users\Petr\Downloads\AdvancedMobs-1.4.4.jar
2023-04-27 18:52 - 2023-04-27 18:52 - 003951929 _____ C:\Users\Petr\Downloads\ViaVersion-4.6.2.jar
2023-04-27 18:51 - 2023-04-27 18:51 - 000893081 _____ C:\Users\Petr\Downloads\ViaBackwards-4.6.1.jar
2023-04-27 18:43 - 2023-04-27 18:43 - 003679223 _____ C:\Users\Petr\Downloads\Citizens.jar
2023-04-27 18:43 - 2023-04-27 18:43 - 000272259 _____ C:\Users\Petr\Downloads\Vault.jar
2023-04-27 18:43 - 2023-04-27 18:43 - 000080410 _____ C:\Users\Petr\Downloads\CommandNPC Reloaded v0.96.jar
2023-04-26 22:02 - 2023-04-26 22:02 - 000082516 _____ C:\Users\Petr\Downloads\CommandNPC-1.9.1.jar
2023-04-26 21:23 - 2023-04-26 21:26 - 000013239 _____ C:\Users\Petr\Documents\Maly.yml
2023-04-26 21:04 - 2023-04-26 21:04 - 002749310 _____ C:\Users\Petr\Downloads\SkinsRestorer.jar
2023-04-26 21:00 - 2018-03-24 17:37 - 000023547 _____ C:\Users\Petr\Documents\Velky.yml
2023-04-26 20:02 - 2023-04-26 20:03 - 000929541 _____ C:\Users\Petr\Downloads\PlaceholderAPI-2.11.3.jar
2023-04-26 20:00 - 2023-04-26 20:00 - 003778171 _____ C:\Users\Petr\Downloads\DeluxeMenus-1.13.7-Release.jar
2023-04-26 20:00 - 2023-04-26 20:00 - 000550533 _____ C:\Users\Petr\Downloads\CrazyCrates+Paper+1.11.14.3.jar
2023-04-26 19:45 - 2023-04-26 19:46 - 003042389 _____ C:\Users\Petr\Downloads\EssentialsX-2.20.0-dev+56-fd49b70.jar
2023-04-26 19:45 - 2023-04-26 19:46 - 000018135 _____ C:\Users\Petr\Downloads\EssentialsXSpawn-2.20.0-dev+56-fd49b70.jar
2023-04-26 19:45 - 2023-04-26 19:45 - 000017787 _____ C:\Users\Petr\Downloads\EssentialsXChat-2.20.0-dev+56-fd49b70.jar
2023-04-22 03:18 - 2023-04-22 03:18 - 000000985 _____ C:\Users\Petr\Desktop\Puran File Recovery.lnk
2023-04-22 03:18 - 2023-04-22 03:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Puran File Recovery
2023-04-22 03:18 - 2023-04-22 03:18 - 000000000 ____D C:\Program Files\Puran File Recovery
2023-04-22 03:17 - 2023-04-22 03:17 - 013781416 _____ C:\Users\Petr\Downloads\puran-file-recovery.exe
2023-04-22 02:48 - 2023-04-22 02:35 - 000002404 _____ C:\Users\Petr\Documents\.env
2023-04-22 00:44 - 2023-04-29 23:03 - 000000128 _____ C:\Users\Petr\AppData\Local\PUTTY.RND
2023-04-22 00:43 - 2023-04-22 00:43 - 003705856 _____ C:\Users\Petr\Downloads\putty-64bit-0.78-installer.msi
2023-04-22 00:43 - 2023-04-22 00:43 - 001647912 _____ (Simon Tatham) C:\Users\Petr\Downloads\putty.exe
2023-04-22 00:27 - 2023-04-22 00:27 - 000506864 _____ C:\Users\Petr\Downloads\Minetrax-1.0.5-alpha.jar
2023-04-22 00:23 - 2023-04-22 00:23 - 000507811 _____ C:\Users\Petr\Downloads\Minetrax-1.0.7-alpha (1).jar
2023-04-21 23:54 - 2023-04-21 23:55 - 050121601 _____ C:\Users\Petr\Downloads\minetrax-main.zip
2023-04-21 23:53 - 2023-04-21 23:53 - 000507811 _____ C:\Users\Petr\Downloads\Minetrax-1.0.7-alpha.jar
2023-04-21 23:46 - 2023-04-21 23:46 - 000515778 _____ C:\Users\Petr\Downloads\Minecraft-2.rar
2023-04-21 23:22 - 2023-04-22 02:16 - 000000000 ____D C:\Users\Petr\Desktop\testdisk-7.2-WIP
2023-04-21 23:22 - 2023-04-21 23:22 - 027348445 _____ C:\Users\Petr\Downloads\testdisk-7.2-WIP.win64.zip
2023-04-21 23:20 - 2023-04-21 23:20 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2023-04-21 23:19 - 2023-04-21 23:19 - 002329352 _____ (Tenorshare Co., Ltd.) C:\Users\Petr\Downloads\tenorshare-4ddig-for-windows.exe
2023-04-21 22:37 - 2023-04-21 22:37 - 000001699 _____ C:\Users\Public\Desktop\Recuva.lnk
2023-04-21 22:37 - 2023-04-21 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2023-04-21 22:36 - 2023-04-21 22:36 - 011897288 _____ (Piriform Software Ltd) C:\Users\Petr\Downloads\rcsetup153 (1).exe
2023-04-16 20:46 - 2023-04-16 20:46 - 000946246 _____ C:\Users\Petr\Downloads\Jobs5.1.2.2.jar
2023-04-16 20:46 - 2023-04-16 20:46 - 000789827 _____ C:\Users\Petr\Downloads\CMILib1.2.5.3.jar
2023-04-16 20:42 - 2023-04-16 20:42 - 000012162 _____ C:\Users\Petr\Downloads\ChestLock.jar
2023-04-16 20:41 - 2023-04-16 20:42 - 004665139 _____ C:\Users\Petr\Downloads\EssentialsXDiscord-2.19.7.jar
2023-04-16 20:41 - 2023-04-16 20:41 - 000027011 _____ C:\Users\Petr\Downloads\EssentialsXChat-2.19.7.jar
2023-04-16 20:41 - 2023-04-16 20:41 - 000018119 _____ C:\Users\Petr\Downloads\EssentialsXSpawn-2.19.7.jar
2023-04-16 20:06 - 2023-04-16 20:06 - 002967611 _____ C:\Users\Petr\Downloads\EssentialsX-2.19.7.jar
2023-04-16 17:16 - 2023-04-16 17:16 - 048047071 _____ C:\Users\Petr\Downloads\server (3).jar
2023-04-16 17:03 - 2023-04-16 17:05 - 024579431 _____ C:\Users\Petr\Downloads\client.jar
2023-04-16 17:03 - 2023-04-16 17:03 - 047569659 _____ C:\Users\Petr\Downloads\server (2).jar
2023-04-16 17:00 - 2023-04-16 17:00 - 048047203 _____ C:\Users\Petr\Downloads\server (1).jar
2023-04-16 16:56 - 2023-04-16 16:56 - 048047071 _____ C:\Users\Petr\Downloads\server.jar
2023-04-15 00:25 - 2023-04-15 00:25 - 000000354 _____ C:\Users\Petr\Desktop\Fortnite.url
2023-04-14 23:42 - 2023-04-14 23:42 - 000126739 _____ C:\Users\Petr\Downloads\trvale-nasledky-simplea-12-2022_16709378291901.pdf
2023-04-14 23:41 - 2023-04-14 23:41 - 000172218 _____ C:\Users\Petr\Downloads\simplea-aktualni-smlouva-a4-web-muz-202212-28_16726618889974.pdf
2023-04-14 23:10 - 2023-04-14 23:10 - 000164301 _____ C:\Users\Petr\Downloads\potvrzeni_sjednani.zip
2023-04-13 14:35 - 2023-04-13 14:35 - 000000000 ___HD C:\$WinREAgent
2023-04-12 22:09 - 2023-04-12 22:09 - 000159959 _____ C:\Users\Petr\Downloads\informace_pro_zajemce_o_pojisteni.pdf
2023-04-12 22:08 - 2023-04-12 22:08 - 000080618 _____ C:\Users\Petr\Downloads\zakladni_informace_o_produktu_IPID.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-09 14:37 - 2023-02-04 02:44 - 000023465 _____ C:\Users\Petr\Downloads\FRST.txt
2023-05-09 14:37 - 2022-10-21 20:20 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-09 14:36 - 2023-02-04 02:44 - 000000000 ____D C:\FRST
2023-05-09 14:36 - 2023-02-04 02:43 - 002382848 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2023-05-09 14:24 - 2022-10-20 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-09 14:05 - 2022-10-20 23:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-09 14:03 - 2022-12-01 23:24 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2023-05-09 14:00 - 2022-10-28 02:12 - 000000000 ____D C:\Program Files\CCleaner
2023-05-09 02:23 - 2022-10-21 20:21 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-09 02:23 - 2022-10-21 20:21 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-09 01:11 - 2022-12-01 23:25 - 000000000 ____D C:\Users\Petr\AppData\Local\Spotify
2023-05-09 00:58 - 2022-10-20 23:09 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-09 00:58 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-08 20:18 - 2022-10-20 22:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-08 20:18 - 2020-08-29 04:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-08 20:14 - 2022-11-19 16:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\discord
2023-05-07 15:06 - 2022-12-27 17:50 - 000000000 ____D C:\Users\Petr\AppData\Local\Discord
2023-05-07 11:34 - 2022-10-20 23:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-07 11:34 - 2022-10-20 22:43 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2023-05-06 17:33 - 2022-10-27 22:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-06 17:33 - 2022-10-27 20:48 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-06 17:33 - 2022-10-27 20:48 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-06 17:33 - 2022-10-20 22:44 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3530969050-2372270893-3854167380-1001
2023-05-05 00:12 - 2022-10-20 23:11 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-05 00:12 - 2022-10-20 23:11 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-05 00:12 - 2022-10-20 23:08 - 000000000 ____D C:\WINDOWS\INF
2023-05-05 00:12 - 2022-10-20 22:37 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-05 00:05 - 2018-08-07 10:59 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2023-05-04 19:04 - 2022-10-20 23:05 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-04 19:04 - 2022-10-20 22:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-04 19:04 - 2020-10-17 02:13 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-04 19:02 - 2022-10-20 23:09 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-04 19:02 - 2022-10-20 23:09 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-04 18:52 - 2022-12-04 21:25 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-04 18:37 - 2022-10-20 22:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-04 18:35 - 2022-10-27 20:37 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-04 18:27 - 2022-12-27 17:50 - 000002226 _____ C:\Users\Petr\Desktop\Discord.lnk
2023-05-04 18:25 - 2022-10-28 02:12 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-05-04 18:24 - 2022-10-20 23:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-02 16:07 - 2022-10-28 02:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-05-02 16:07 - 2022-10-28 02:12 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-05-01 18:49 - 2022-11-19 17:16 - 000000000 ____D C:\Users\Petr\AppData\Roaming\.tlauncher
2023-05-01 18:49 - 2022-10-20 22:45 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2023-05-01 18:49 - 2022-10-20 22:41 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2023-04-30 01:52 - 2022-11-19 17:14 - 000000000 ____D C:\Users\Petr\AppData\Roaming\.minecraft
2023-04-29 20:47 - 2022-12-27 17:54 - 000000128 _____ C:\Users\Petr\AppData\Roaming\winscp.rnd
2023-04-29 20:30 - 2022-10-20 23:09 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-04-29 20:30 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-04-29 20:30 - 2018-08-08 11:53 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Temp
2023-04-22 06:11 - 2022-10-15 07:38 - 000000000 ____D C:\Users\Petr\Desktop\miflash
2023-04-21 23:12 - 2022-12-19 23:03 - 000000000 ____D C:\Program Files\Recuva
2023-04-15 03:46 - 2022-11-12 03:03 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-15 03:46 - 2022-10-20 23:09 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-15 03:46 - 2022-10-20 22:21 - 000441560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-15 01:23 - 2022-11-19 17:12 - 002790904 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-04-15 01:23 - 2022-11-19 17:12 - 000247248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-04-15 01:23 - 2022-11-19 17:12 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-04-15 01:23 - 2022-11-19 17:12 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-04-15 01:23 - 2022-11-19 17:12 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-04-15 01:22 - 2022-11-19 17:12 - 000484856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-04-15 01:22 - 2022-11-19 17:12 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-04-15 01:22 - 2022-11-19 17:12 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-04-14 23:16 - 2023-02-04 02:45 - 000031605 _____ C:\Users\Petr\Downloads\Addition.txt
2023-04-13 14:45 - 2022-10-20 22:26 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-13 14:33 - 2022-10-20 22:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-13 14:30 - 2022-10-20 22:56 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-11 19:29 - 2022-10-20 22:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-11 19:29 - 2022-10-20 22:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2020-10-07 12:39 - 2020-10-07 12:40 - 000050741 _____ () C:\Users\Petr\ntuserdirect_MyManager.dat
2022-12-27 17:54 - 2023-04-29 20:47 - 000000128 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2023-04-22 00:44 - 2023-04-29 23:03 - 000000128 _____ () C:\Users\Petr\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-05-2023
Ran by Petr (09-05-2023 14:37:53)
Running from C:\Users\Petr\Downloads
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2022-10-20 20:41:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3530969050-2372270893-3854167380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3530969050-2372270893-3854167380-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3530969050-2372270893-3854167380-1000 - Limited - Disabled)
Guest (S-1-5-21-3530969050-2372270893-3854167380-501 - Limited - Disabled)
Petr (S-1-5-21-3530969050-2372270893-3854167380-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3530969050-2372270893-3854167380-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Discord (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Discord) (Version: 1.0.9008 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.140 - Google LLC)
Intel® Hardware Accelerated Execution Manager (HKLM\...\HAXM) (Version: 7.6.5 - Intel Corporation)
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16327.20214 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.35 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.081.0416.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.7 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20200 - Microsoft Corporation) Hidden
Puran File Recovery 1.1 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Spotify (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Spotify) (Version: 1.2.10.760.g52970952 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WinSCP 5.21.6 (HKLM-x32\...\winscp3_is1) (Version: 5.21.6 - Martin Prikryl)

Packages:
=========
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2023-05-01] (Lexmark International, Inc.)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Terminál Windows Preview -> C:\Program Files\WindowsApps\Microsoft.WindowsTerminalPreview_1.17.10234.0_x64__8wekyb3d8bbwe [2023-01-27] (Microsoft Corporation) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2022.1204.1918.76_neutral__8wekyb3d8bbwe [2022-12-04] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-11-08] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.081.0416.0001\FileSyncShell64.dll [2023-05-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxDTCM.dll [2019-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-07] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\winrar\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\winrar\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Petr\Desktop\Petr (Osoba 1) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-11-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-02] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\sharepoint.com -> hxxps://olphschool-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-10-20 23:09 - 2023-03-18 04:28 - 000000005 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-12-04 21:30 - 2022-12-04 21:30 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.21.48.1 DESKTOP-1BAQ5EU.mshome.net # 2027 12 5 3 19 30 47 604

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Petr\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\pltool;C:\Program Files (x86)\ADB and Fastboot++;
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\Desktop\72081322_149251539656589_3146703180914491392_o.jpg
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{28A88EC3-4D7F-4452-9BFD-878011B9BA62}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9DF10D7E-4BE2-407A-A5C7-FCBDEB65467B}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{43E21E59-5081-4C0A-A53B-0509F2757BD9}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A5158004-C286-45F6-8968-915F56CA6D53}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{838BEBC1-E348-420A-A0F8-BBB7743A50E2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1E84E632-FFAF-4436-9056-DA9B94C9990B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D337C1D8-D219-4543-BFA8-3DECFD6351CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FEE0931F-1496-49ED-85FC-C1D6BF46AA3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{811D99F8-94F0-4443-ACD3-82CA4B621AB4}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{393E4C72-CBFC-478C-9249-A43087EF086D}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{4DDE7877-9B89-4904-A121-CAD8ECA48241}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{CC455AE2-639C-4E8D-93A4-CDCE91E6CD7E}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{091B929F-4A69-4A49-88AC-1D3B11D70F7E}C:\users\petr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\petr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FC14A3E6-A01D-40D2-812A-3BB03EBDE45C}C:\users\petr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\petr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{A6026BA1-1FAA-4F2E-A344-6C26E8249E88}C:\users\petr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{D86C59E9-6C54-4F1A-8AF3-BABCDFCD8B32}C:\users\petr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{4233DEC9-B699-48E2-82C3-844E3C6F9409}] => (Allow) C:\Users\Petr\Downloads\tenorshare-4ddig-for-windows.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{F2EC0FC0-1216-41E9-B366-7357835FD89B}] => (Allow) C:\Users\Petr\Downloads\tenorshare-4ddig-for-windows.exe (Tenorshare Co., Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [TCP Query User{277EC340-69A5-4EDD-821F-AF1BB4402D28}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{8CAA9911-238E-4D60-88D5-921B2FBC29A8}C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\petr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{D0A813BD-A545-4DB3-BC78-7F747065565D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{60A25B9D-53BF-45A8-95F9-0CF792257DF9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31F2A87C-FDF2-4407-9290-DE1B94B1F30B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F3EAA05-A7AC-48C4-84DF-E58451AFFADD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{118BD986-4BA8-4006-BA82-7B414551CF69}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{28E86974-BBBA-4D5D-BA2C-324C1E4B8200}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB5C7FB7-B86D-46A5-9681-D74B350D5B77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3DD2B1D-2546-48B3-B102-86185F87BE78}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69BFC80B-A455-46B1-AC2B-5BA70117566C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-05-2023 03:54:57 Naplánovaný kontrolní bod
04-05-2023 18:23:22 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Detection Verification
Description: Detection Verification
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/04/2023 06:25:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/04/2023 06:25:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/04/2023 06:25:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/22/2023 02:48:04 AM) (Source: ESENT) (EventID: 428) (User: )
Description: SearchIndexer (9104,D,0) Windows: Databázový stroj odmítá operace aktualizace kvůli nedostatku místa na disku s protokolem.

Error: (04/22/2023 02:46:19 AM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (9104,D,22) Windows: Pokus o zápis do souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs na posunu 0 (0x0000000000000000) o 1048576 (0x00100000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu selže a dojde k chybě -1808 (0xfffff8f0). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (04/22/2023 02:45:13 AM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (9104,D,23) Windows: Pokus o zápis do souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs na posunu 0 (0x0000000000000000) o 1048576 (0x00100000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu selže a dojde k chybě -1808 (0xfffff8f0). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (04/22/2023 02:45:12 AM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (9104,D,22) Windows: Pokus o zápis do souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs na posunu 0 (0x0000000000000000) o 1048576 (0x00100000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu selže a dojde k chybě -1808 (0xfffff8f0). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.

Error: (04/22/2023 02:45:11 AM) (Source: ESENT) (EventID: 482) (User: )
Description: SearchIndexer (9104,D,22) Windows: Pokus o zápis do souboru C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edbres00002.jrs na posunu 0 (0x0000000000000000) o 1048576 (0x00100000) bajtů po 0.000 sekundách selhal. Došlo k systémové chybě 112 (0x00000070): Na disku není dost místa. . Operace zápisu selže a dojde k chybě -1808 (0xfffff8f0). Pokud s tím budou dál problémy, může být soubor poškozený a budete ho možná muset obnovit z předchozí zálohy.


System errors:
=============
Error: (05/05/2023 12:06:11 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/04/2023 07:04:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1BAQ5EU)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/04/2023 07:04:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IntelHaxm neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (05/04/2023 07:04:30 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: Event-ID 3

Error: (05/04/2023 07:04:30 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: Event-ID 6

Error: (05/04/2023 06:52:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba IntelHaxm neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (05/04/2023 06:52:43 PM) (Source: IntelHaxm) (EventID: 3) (User: )
Description: Event-ID 3

Error: (05/04/2023 06:52:43 PM) (Source: IntelHaxm) (EventID: 6) (User: )
Description: Event-ID 6


Windows Defender:
================
Date: 2023-05-09 00:57:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D63A2518-EE54-4324-8ADB-7A137A907E57}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-07 11:36:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4507A600-BE73-4105-BB00-C72C84AE9751}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-02 16:25:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A16D64E7-9B32-45CF-899C-CCD75BE48A5A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-02 02:58:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {49FD9D8C-5229-4E5B-95AA-102E69DF20F3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-29 22:43:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F96CAC0D-E243-4FEE-A4DA-7147C821C354}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-05-09 14:04:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-07 11:34:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V2.02 01/03/2019
Motherboard: KBL Charmander_KL
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 61%
Total physical RAM: 8067.6 MB
Available physical RAM: 3086.68 MB
Total Virtual: 13187.6 MB
Available Virtual: 6774.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.75 GB) (Free:70.39 GB) (Model: WDC WDS250G2B0B-00YS70) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.01 GB) (Free:899.04 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS

\\?\Volume{56ef905f-6532-47a9-ab14-e865b1ea6fe0}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{b4862920-2841-450b-8335-e4f0185c8b25}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{9e9cdc99-12e4-4675-bd90-c9e45a54424b}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
\\?\Volume{90784aba-de4d-44f6-9279-f9f9693be6e5}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 464FED47)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosba o preventivní kontrolu

#6 Příspěvek od JaRon »

Logy su OK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět