PC virus removal, computer speed-up, remote help via the neslape.cz service

Requesting one preventive check, thank you

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

kodl74
Visitor
Posts: 178
Joined: 10 May 2007 17:14


#1 Post by kodl74 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by kaPL74 (28-08-2023 18:58:37)
Running from C:\Users\kaPL74\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2020-08-23 09:27:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3640345311-2590231575-3648685039-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3640345311-2590231575-3648685039-503 - Limited - Disabled)
Guest (S-1-5-21-3640345311-2590231575-3648685039-501 - Limited - Disabled)
kaPL74 (S-1-5-21-3640345311-2590231575-3648685039-1001 - Administrator - Enabled) => C:\Users\kaPL74
WDAGUtilityAccount (S-1-5-21-3640345311-2590231575-3648685039-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_6) (Version: 24.6.0.573 - Adobe Inc.)
AIDA64 (HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\{A559093D-FCCB-1B3D-5504-74D07E48A7FB}) (Version: v.6.80.6200- 24.10.2022 Extreme - Libbi)
DeepL (HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - )
Easy Photo Scan (HKLM-x32\...\{99364024-626C-4BE1-89C8-2F207023497B}) (Version: 1.00.0018 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{3ACC34BD-4B01-49CA-9859-0FDD746BB36E}) (Version: 3.11.0058 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{1E900386-22F3-43A8-8121-81C5A5512A0C}) (Version: 3.7.3.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{D310BDCC-D4B4-4DC1-B9DF-D1D7367CAC4F}) (Version: 3.6.1 - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{2A369D40-CE23-421A-8173-3C303A0A8355}) (Version: 4.6.6 - Seiko Epson Corporation)
ESET Premium Line Encryption (HKLM\...\{764DBB66-954B-498B-A8F0-5674FF309BAC}) (Version: 2.0.0.29 - ESET) Hidden
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 16.2.13.0 - ESET, spol. s r.o.)
Fliqlo Screen Saver (HKLM-x32\...\Fliqlo) (Version: - )
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Mafia: Definitive Edition (HKLM-x32\...\1993581340_is1) (Version: 1.0.3 - GOG.com)
Malwarebytes version 4.5.30.269 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.30.269 - Malwarebytes)
Microsoft .NET Core Host - 3.1.10 (x64) (HKLM\...\{52B42932-15C1-45D4-8904-FC3117EEE69B}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.10 (x64) (HKLM\...\{752B4412-A129-4CB2-AD96-B6D97EAD3090}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.10 (x64) (HKLM\...\{396D7BC8-E3C8-4B3E-8C60-D50D94FDF09D}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.62 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.10 (x64) (HKLM\...\{1D2CBC67-A026-45CA-93FE-089E227882FB}) (Version: 24.104.29419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.10 (x64) (HKLM-x32\...\{db36836f-11c3-4087-8f9c-daa0086ac619}) (Version: 3.1.10.29419 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 116.0.3 (x64 cs)) (Version: 116.0.3 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.51.114 (HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.51.114 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.99 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 101.0.4843.43 (HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Opera 101.0.4843.43) (Version: 101.0.4843.43 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Padbury Clock Screensaver 1.2 (HKLM-x32\...\Padbury Clock Screensaver_is1) (Version: 1.2 - IcoFX Software S.R.L.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden
Skype verze 8.102 (HKLM-x32\...\Skype_is1) (Version: 8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
WinRAR (HKLM-x32\...\WinRAR) (Version: v.6.21 64bit Final CZ - 20.02.2023 - Libbi)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-13] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-08-23] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\kaPL74\AppData\Local\Microsoft\OneDrive\19.232.1124.0008_1\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe (DeepL SE -> DeepL SE)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-25] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2022-08-24] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-25] (Adobe Inc. -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c885f29e168e777a\nvshext.dll [2023-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-06-25] (Adobe Inc. -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-08-08] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-11-24 14:05 - 2022-08-21 03:44 - 001160192 _____ () [File not signed] [File is in use] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2022-11-24 14:05 - 2022-08-19 09:38 - 175591424 _____ () [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2022-11-24 14:05 - 2022-08-19 08:11 - 000442880 _____ () [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2022-11-24 14:05 - 2022-08-19 08:10 - 006480384 _____ () [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2022-11-24 14:05 - 2022-08-19 08:07 - 004077568 _____ () [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2022-11-24 14:05 - 2022-08-19 08:10 - 000828928 _____ () [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2020-04-18 10:28 - 2020-04-18 10:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-18 10:28 - 2020-04-18 10:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2022-11-24 14:05 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-07-01 18:45 - 2022-07-01 18:45 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-07-01 18:45 - 2022-07-01 18:45 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-07-01 18:45 - 2022-07-01 18:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-09-02 19:09 - 2022-07-01 18:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-02-29 20:58 - 2017-11-24 18:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2023-05-02 22:04 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kaPL74\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\pxfuel2.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "DisplayTune.exe"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Avast_UI"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Synapse"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "StickyPassword"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_7A1077EE3B991D247C5AEDA2F36CDE89"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B741A4D3-2B14-45FA-B169-FA9045EE0D7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B0196ADA-A7D6-4B38-8B9D-94E86AC02BEB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{831072C7-BAF4-40F6-AB8B-355336447349}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{83863D5C-4185-4E37-BFAB-E273A99C823E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{57A952ED-4D02-45BB-844A-6999ACEB261B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5D4C55C2-E162-43DE-87A5-9C75400F39A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D9A94214-C8E8-4230-80EE-5C782497DB7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{88E16755-3D9B-41FD-B3B8-2D85A857C763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B4B4FC33-2AD5-442C-8083-B74880E57049}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE34723E-2B6D-4FFC-B3AE-B250CEBECB60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{792FDF47-5350-4D52-8CAE-4521924497EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{91C71BB2-0159-465F-ACCE-610835CDBC98}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{047C5850-B00E-4B3B-91C7-4F3947BC516E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC235BF2-8819-4797-9AFF-B03CEB4A2EBD}] => (Allow) LPort=26789
FirewallRules: [{850C34E6-130E-4E08-838B-A1565E6A98F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8ED789BF-3563-4752-9749-3C55E1CA3A96}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11704895-B4EA-404E-9B23-EC284BE4385E}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{37994ADD-2FB2-4A8C-BAF0-A917C5E0D057}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8145253A-D5A5-4ADC-9C55-433FE1969E44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8E8071B1-69F5-40D7-BCA9-95DBA0FB64AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D0E134A8-8D1D-4542-B50D-A2CB7251DC8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46DF3F59-BA21-4E0A-B7BD-4A33836634F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D62894F8-90CF-47DC-B3D3-924F281799CE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{540CAC66-0AB1-4F90-83BA-018870892921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{9EC3E7EA-AEEF-4200-814C-5CF9ED23D3BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{F1B18857-7608-4CCC-A0AE-5160EAA16E4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{04744872-CA85-4AA3-9C59-8D3B7649CF99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A632E585-5DEF-41E6-AC5D-CA019AF6FD59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F5624AB1-6FDE-428C-A2C8-67556C546B07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CF790B61-8316-4D8D-9D44-1A4ED8748529}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive)
FirewallRules: [{0F22F65D-C172-44A6-BB77-58E305DF596B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Entertainment SA -> Focus Home Interactive)
FirewallRules: [{11305E5E-627D-427A-A1EE-27C2287F7C1B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4BBBF2D2-D0DB-4BFC-8439-ADD1E3AFA6AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{95C75CF9-5DA9-4769-A317-371686D70E53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5623C2C7-A4EA-4CCB-ABA5-0D789B93D300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E0607DBB-6EAE-4CD7-9FE8-27EC2DFF5311}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{AC89FA5B-0EEB-4C8C-8421-FA5F2085B48A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{11870AEA-1DD4-4E91-83B3-168C4F1E0A1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21D800F8-F238-4689-93AD-33FB9A6B618F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C942AD7-6A01-4818-B06A-3B9CAA993898}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3ADA5FAA-D9DB-4D76-BB6F-C25F0A57F999}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCE70800-3A0D-45D2-8730-14D171B5D7CB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2DF47F84-C6E3-4023-B69D-5CD33780D8F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

23-08-2023 17:46:05 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/21/2023 07:42:11 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/18/2023 05:56:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffebd6a200f
ID chybujícího procesu: 0x16bc
Čas spuštění chybující aplikace: 0x01d9d1ec921be394
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 41778f69-24f2-49e2-9677-0a1eb278bb54
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/18/2023 05:56:38 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (08/18/2023 05:56:37 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (08/18/2023 05:56:37 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (08/18/2023 05:56:37 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (08/13/2023 08:20:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program steamwebhelper.exe verze 8.22.60.19 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 35ac

Čas spuštění: 01d9ce03b6c8f95f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

ID hlášení: 51425fb9-0b0f-4fb8-8853-555037300d14

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (08/13/2023 07:41:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet


System errors:
=============
Error: (08/21/2023 10:04:23 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (08/21/2023 07:42:16 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (08:38:e6:68:63:a8) se nezdařilo.

Error: (08/13/2023 05:24:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/13/2023 05:24:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/09/2023 07:21:30 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (08:38:e6:68:63:a8) se nezdařilo.

Error: (08/08/2023 07:38:45 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (08:38:e6:68:63:a8) se nezdařilo.

Error: (08/02/2023 06:26:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/02/2023 06:26:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2020-12-09 18:49:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CloudCar_Test_File
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kaPL74\Desktop\cloudcar.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PCKAPL\kaPL74
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.327.2236.0, AS: 1.327.2236.0, NIS: 1.327.2236.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5

CodeIntegrity:
===============
Date: 2023-08-28 18:06:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F10 12/14/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-D3H-CF
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 15%
Total physical RAM: 32727.6 MB
Available physical RAM: 27562.56 MB
Total Virtual: 34775.6 MB
Available Virtual: 28074.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.88 GB) (Free:637.34 GB) (Model: Samsung SSD 970 EVO 1TB) NTFS
Drive d: (SSD disk) (Fixed) (Total:953.85 GB) (Free:656.95 GB) (Model: Verbatim Vi550 S3) NTFS
Drive e: (SSD disk) (Fixed) (Total:953.87 GB) (Free:690.56 GB) (Model: Verbatim Vi550 S3) NTFS

\\?\Volume{b5d0499e-b828-4e1c-9bed-e82b27d3d91a}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{14fdb315-38db-40bd-8c62-8f40fe6f7fce}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 246A3A6A)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

kodl74
Visitor
Posts: 178
Registered: 10 May 2007 17:14

Re: Requesting one preventive check, thank you

#2 Post by kodl74 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Ran by kaPL74 (administrator) on KOODL (Gigabyte Technology Co., Ltd. B250M-D3H) (28-08-2023 18:57:39)
Running from C:\Users\kaPL74\Desktop\FRST64.exe
Loaded Profiles: kaPL74
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(DeepL SE -> DeepL SE) C:\Users\kaPL74\AppData\Local\0install.net\implementations\sha256new_IA5ZAWY5757G2CCVTIIUZMVSBYDGFXZAP22TDTFSS74QEP3GNCDA\DeepL.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Winstep Software Technologies) [File not signed] [File is in use] C:\Program Files (x86)\Winstep\Nexus.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c885f29e168e777a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-08-08] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1318024 2021-04-15] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-09-03] (Adobe Inc. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [18025088 2022-07-08] (Winstep Software Technologies) [File not signed] [File is in use]
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262392 2023-08-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [350032 2022-07-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [MicrosoftEdgeAutoLaunch_7A1077EE3B991D247C5AEDA2F36CDE89] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Opera Browser Assistant] => C:\Users\kaPL74\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03951-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03975-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {8f688a34-a5f2-11ed-abbf-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {b94ff99e-4adc-11ed-abae-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {dcb6a104-ffc3-11ed-abca-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\padbury.scr [2560816 2020-06-06] (ICOFX SOFTWARE SRL -> icofx software srl)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-10-30]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\kaPL74\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [File not signed]
Startup: C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-02-29]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11EBFE41-95A5-4E45-8A5C-2D51F45B21AE} - System32\Tasks\EPSON L3150 Series Update {3E87D914-2297-46A8-B3AA-F1E1A0BCFD52} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {89C341EA-0656-4EC0-B4F9-E727B732C45D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C2A6D03-D289-44FB-BDB4-DDFB013DE41E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B69C065-7875-4178-99E1-0E9E485BB26D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124568 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C01B7E2-1AE6-49B7-B2C0-0E0468F878E3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124568 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D61E8447-27DB-438D-92E7-E53E2EBCF2E1} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [687008 2023-08-18] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B86F7BF4-99E2-44B8-9B9E-D74D98AB70A9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {CD03A155-5B1A-4F49-871D-3E36C2CBDB17} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {2D898E52-EFC9-44B4-8054-224250F44AB1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8E3CF02C-E3E2-4FA7-A112-F21820D4ADCD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {28F2DC55-2DB9-48F8-AD56-0AD6D446A5E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96F47F2C-456E-4858-B57F-36D43ACDF298} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F38BC56-B775-4D7D-8122-888B38D23D62} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D7DA48E-219D-4551-8EFE-F90D2F1D4FD8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D213477E-D58B-4914-ABD6-A35E4FDE7551} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED3992CE-30F1-4C24-9DDA-1EE710F2D2CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1D76797-A6FF-4BB2-9A50-3146AEAD2DAD} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23690AA0-E8FB-499C-A3D1-CA71C6DBE921} - System32\Tasks\Opera scheduled assistant Autoupdate 1652869670 => C:\Users\kaPL74\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\kaPL74\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9917C394-D95A-4821-BC3E-C8C386373F6F} - System32\Tasks\Opera scheduled Autoupdate 1652869668 => C:\Users\kaPL74\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)
Task: {AEB78506-86E7-4488-A9E5-FA196B7F48A7} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4487904 2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {3E87D914-2297-46A8-B3AA-F1E1A0BCFD52}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{3E87D914-2297-46A8-B3AA-F1E1A0BCFD52} /F:UpdateWORKGROUP\KOODL$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{04687598-79ac-424b-a997-68cfe11fc2ae}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\kaPL74\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-30]
Edge Extension: (Edge relevant text changes) - C:\Users\kaPL74\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-27]

FireFox:
========
FF DefaultProfile: suv7x4pj.default
FF ProfilePath: C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default [2023-05-02]
FF Homepage: Mozilla\Firefox\Profiles\suv7x4pj.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\suv7x4pj.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\suv7x4pj.default -> hxxps://www.slevomat.cz
FF Extension: (Blokátor reklam AdGuard) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\adguardadblocker@adguard.com.xpi [2020-01-05]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (To Google Translate) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-07]
FF ProfilePath: C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release [2023-08-28]
FF Homepage: Mozilla\Firefox\Profiles\bdftw427.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\bdftw427.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\bdftw427.default-release -> hxxps://www.slevomat.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\bdftw427.default-release -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\bdftw427.default-release -> Enabled: google@search.mozilla.org
FF Extension: (Blokátor reklam AdGuard) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\adguardadblocker@adguard.com.xpi [2023-07-19]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-23]
FF Extension: (Firefox Color) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\FirefoxColor@mozilla.com.xpi [2021-11-20]
FF Extension: (To Google Translate) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-08-07]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-03-18] [Legacy] [not signed]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3640345311-2590231575-3648685039-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-08-28]

Opera:
=======
OPR Profile: C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable [2023-08-28]
OPR DownloadDir: C:\Users\kaPL74\Downloads
OPR StartupUrls: Opera Stable -> "hxxps://www.seznam.cz/"
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Blokátor reklam AdGuard) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2023-07-15]
OPR Extension: (Translator) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2023-06-01]
OPR Extension: (Rich Hints Agent) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-11]
OPR Extension: (Opera Wallet) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-25]
OPR Extension: (Aria) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-21]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\kaPL74\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-05-02]
OPR Extension: (opera-intro) - C:\Users\kaPL74\AppData\Local\Programs\Opera\101.0.4843.33\resources\opera_intro_extension [2023-08-08]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-08-08] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-08-08] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-08-08] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258016 2023-06-07] (Malwarebytes Inc. -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2020-02-29] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c885f29e168e777a\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_c885f29e168e777a\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [208704 2023-07-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118904 2023-07-28] (ESET, spol. s r.o. -> ESET)
S4 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122560 2023-07-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [249544 2023-07-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55424 2023-07-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81712 2023-07-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123040 2023-07-28] (ESET, spol. s r.o. -> ESET)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-24] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-28 18:57 - 2023-08-28 18:58 - 000027813 _____ C:\Users\kaPL74\Desktop\FRST.txt
2023-08-28 18:57 - 2023-08-28 18:57 - 000000000 ____D C:\FRST
2023-08-28 18:55 - 2023-08-28 18:55 - 002382336 _____ (Farbar) C:\Users\kaPL74\Desktop\FRST64.exe
2023-08-28 18:39 - 2023-08-06 12:46 - 000053333 _____ C:\Users\kaPL74\Desktop\Informace k platbě Vašeho pojištění č 4780506899.pdf
2023-08-28 18:37 - 2023-08-28 13:07 - 000083502 _____ C:\Users\kaPL74\Desktop\Roční přehled o pojištění ke smlouvě 4082587062.pdf
2023-08-28 18:37 - 2023-08-28 13:07 - 000050304 _____ C:\Users\kaPL74\Desktop\Informace k platbě Vašeho pojištění č 4082587062.pdf
2023-08-28 12:14 - 2023-08-28 12:14 - 000000000 ____D C:\Users\kaPL74\AppData\Local\DeepL_SE
2023-08-27 19:28 - 2023-08-27 19:28 - 000017656 _____ C:\Users\kaPL74\Downloads\[SkT]_Pappa_Mia!___About_My_Father_(2023)(CZ)[WEBrip][1080p]_=_CSFD_53%.torrent
2023-08-27 19:27 - 2023-08-27 19:27 - 000016803 _____ C:\Users\kaPL74\Downloads\[SkT]Meg_2 _Příkop___Meg_2 _The_Trench_(2023)[WEBRip][1080p]_=_CSFD_55%.torrent
2023-08-27 19:26 - 2023-08-27 19:26 - 000064928 _____ C:\Users\kaPL74\Downloads\[SkT]Meg_2 _Příkop___Meg_2 _The_Trench_(2023)[WEBRip][2160p]_=_CSFD_55%.torrent
2023-08-25 20:57 - 2023-08-25 20:57 - 000033637 _____ C:\Users\kaPL74\Downloads\[SkT]Meg_2 _Příkop___Meg_2 _The_Trench_(2023)[1080p][WEBRip]_=_CSFD_57%.torrent
2023-08-23 16:44 - 2023-08-23 16:44 - 000000000 ____D C:\Users\kaPL74\Desktop\Nová složka
2023-08-21 19:44 - 2023-08-21 19:48 - 166345415 _____ C:\Users\kaPL74\Desktop\Spider-Man-Napric-Paralelnimy-Svety-2023-WEBRip-1080p-CZ-Dab.mkv
2023-08-15 18:58 - 2023-08-15 18:58 - 000039556 _____ C:\Users\kaPL74\Downloads\[SkT]Mezi_živly___Elemental_(2023)(CZ_SK_Titulky)[Webrip]_=_CSFD_78%.torrent
2023-08-14 21:54 - 2023-08-14 21:56 - 023617704 _____ C:\Users\kaPL74\Downloads\BTBB Online QSR 1-21c.pdf
2023-08-14 21:51 - 2023-08-14 21:52 - 008271986 _____ C:\Users\kaPL74\Downloads\Alpha Strike Quick Start Rules 2019-08.pdf
2023-08-14 12:58 - 2023-08-14 12:58 - 000058226 _____ C:\Users\kaPL74\Downloads\[SkT]Mavka _Strážkyně_lesa___Mavka._Lisova_pisňa_(2022)[WebRip][1080p]_=_CSFD_63%.torrent
2023-08-13 20:46 - 2023-08-13 20:46 - 000046236 _____ C:\Users\kaPL74\Downloads\[SkT]Rychle_a_zběsile_10___Fast_X_(2023)(CZ_EN)[WEBRip][1080p]_=_CSFD_57%.torrent
2023-08-13 19:53 - 2023-08-13 19:53 - 004288114 _____ C:\Users\kaPL74\Downloads\Návod k použití CZ.pdf
2023-08-13 17:21 - 2023-08-05 22:55 - 001487472 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-08-13 17:21 - 2023-08-05 22:55 - 001226864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-08-13 17:21 - 2023-08-05 22:55 - 000849080 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-08-13 17:21 - 2023-08-05 22:55 - 000849080 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-08-13 17:21 - 2023-08-05 22:55 - 000713912 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-08-13 17:21 - 2023-08-05 22:55 - 000713912 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-08-13 17:21 - 2023-08-05 22:55 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-08-13 17:21 - 2023-08-05 22:55 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-08-13 17:21 - 2023-08-05 22:55 - 000637112 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-08-13 17:21 - 2023-08-05 22:55 - 000637112 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-08-13 17:20 - 2023-08-05 22:51 - 000920712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-08-13 17:20 - 2023-08-05 22:51 - 000668792 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-08-13 17:20 - 2023-08-05 22:51 - 000503928 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 002167928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 001621616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 001538072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 001195024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 000992376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-08-13 17:20 - 2023-08-05 22:50 - 000776328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-08-13 17:20 - 2023-08-05 22:50 - 000769160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-08-13 17:20 - 2023-08-05 22:49 - 014520856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-08-13 17:20 - 2023-08-05 22:49 - 012066952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-08-13 17:20 - 2023-08-05 22:49 - 006190616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-08-13 17:20 - 2023-08-05 22:49 - 003483160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-08-13 17:20 - 2023-08-05 22:49 - 000459376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-08-13 17:20 - 2023-08-05 22:48 - 005845104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-08-13 17:20 - 2023-08-05 22:48 - 005550728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-08-13 17:20 - 2023-08-05 22:48 - 000853000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-08-13 17:20 - 2023-08-05 22:46 - 006738136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-08-13 17:20 - 2023-08-05 06:08 - 000108142 _____ C:\WINDOWS\system32\nvinfo.pb
2023-08-09 18:33 - 2023-08-09 18:33 - 000000000 ___HD C:\$WinREAgent
2023-08-09 12:01 - 2023-08-09 19:21 - 000000931 _____ C:\WINDOWS\Tasks\EPSON L3150 Series Update {3E87D914-2297-46A8-B3AA-F1E1A0BCFD52}.job
2023-08-09 12:01 - 2023-08-09 12:01 - 000004126 _____ C:\WINDOWS\system32\Tasks\EPSON L3150 Series Update {3E87D914-2297-46A8-B3AA-F1E1A0BCFD52}

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-28 18:49 - 2020-02-29 23:17 - 000000000 ____D C:\Program Files (x86)\Steam
2023-08-28 18:36 - 2020-02-29 23:49 - 000000000 ___RD C:\Users\kaPL74\Documents\Euro Truck Simulator 2
2023-08-28 18:06 - 2020-03-08 21:47 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-28 18:06 - 2020-02-29 23:17 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Skype for Desktop
2023-08-28 13:33 - 2020-08-23 11:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-28 13:33 - 2020-02-29 20:58 - 000000000 ____D C:\Users\Public\Documents\Winstep
2023-08-28 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-28 12:30 - 2023-02-28 11:24 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\vlc
2023-08-27 22:57 - 2020-05-26 20:23 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\uTorrent
2023-08-27 22:48 - 2020-02-29 23:35 - 000000000 ____D C:\Users\kaPL74\Documents\American Truck Simulator
2023-08-27 19:15 - 2020-06-07 13:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-27 19:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-27 19:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-25 20:37 - 2020-02-29 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-08-21 19:49 - 2022-05-11 15:29 - 000713078 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-21 19:49 - 2022-05-11 15:29 - 000143796 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-21 19:49 - 2020-08-23 11:32 - 001683936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-21 19:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-21 19:42 - 2020-08-23 11:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-21 19:42 - 2020-08-23 11:23 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-21 19:42 - 2020-02-29 19:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-21 19:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-21 19:41 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-18 18:41 - 2023-06-07 16:32 - 000000000 ____D C:\Users\kaPL74\AppData\Local\Malwarebytes
2023-08-16 17:06 - 2022-05-18 12:27 - 000004154 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1652869668
2023-08-16 17:06 - 2022-05-18 12:27 - 000001412 _____ C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-08-15 21:13 - 2020-03-05 22:59 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows Photo Viewer
2023-08-14 00:15 - 2023-05-02 22:20 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\DeepL_SE
2023-08-13 19:42 - 2020-03-01 11:15 - 000000000 ____D C:\Tiskárna EPSON
2023-08-13 19:41 - 2020-03-01 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2023-08-13 19:41 - 2020-03-01 11:07 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2023-08-13 17:34 - 2020-02-29 23:10 - 000000000 ____D C:\Users\kaPL74\AppData\Local\D3DSCache
2023-08-13 17:24 - 2020-02-29 19:17 - 000000000 ____D C:\Users\kaPL74\AppData\Local\NVIDIA
2023-08-13 16:37 - 2020-02-29 23:19 - 000000000 ____D C:\Users\kaPL74\AppData\Local\Steam
2023-08-13 16:07 - 2020-02-29 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-09 19:21 - 2022-05-08 13:56 - 000446288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-09 19:20 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-09 19:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-09 18:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 18:37 - 2020-08-23 11:25 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 18:32 - 2020-02-29 21:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 18:30 - 2020-02-29 21:12 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-09 17:59 - 2020-02-29 21:33 - 000000000 ____D C:\Users\kaPL74\AppData\Local\CrashDumps
2023-08-09 17:54 - 2020-03-13 22:23 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Word
2023-08-09 17:53 - 2020-03-13 22:23 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Office
2023-08-09 17:24 - 2020-08-23 10:43 - 000000000 ____D C:\Users\kaPL74
2023-08-09 16:59 - 2020-02-29 20:15 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Excel
2023-08-05 22:46 - 2020-11-02 10:27 - 007858216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-08-05 14:27 - 2023-07-01 20:10 - 000000000 ____D C:\Users\kaPL74\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2020-03-01 11:59 - 2020-03-01 11:59 - 000007859 _____ () C:\Users\kaPL74\AppData\Roaming\pcouffin.cat
2020-03-01 11:59 - 2020-03-01 11:59 - 000001167 _____ () C:\Users\kaPL74\AppData\Roaming\pcouffin.inf
2020-03-01 11:59 - 2020-03-01 11:59 - 000082816 _____ (VSO Software) C:\Users\kaPL74\AppData\Roaming\pcouffin.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check, thank you

#3 Post by Rudy »

Hello!

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03951-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03975-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {8f688a34-a5f2-11ed-abbf-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {b94ff99e-4adc-11ed-abae-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {dcb6a104-ffc3-11ed-abca-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\kaPL74\AppData\Local\Microsoft\OneDrive\19.232.1124.0008_1\FileCoAuth.exe => No File
FirewallRules: [{540CAC66-0AB1-4F90-83BA-018870892921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{9EC3E7EA-AEEF-4200-814C-5CF9ED23D3BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
C:\Users\kaPL74\Desktop\cloudcar.exe

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Requesting a preventive check, thank you

#4 Post by kodl74 »

I finally got to the PC, here is the log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-08-2023
Ran by kaPL74 (31-08-2023 15:27:01) Run:1
Running from C:\Users\kaPL74\Desktop
Loaded Profiles: kaPL74
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03951-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {62f03975-55dc-11ed-abae-001a7dda7115} - "G:\Setup.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {8f688a34-a5f2-11ed-abbf-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {b94ff99e-4adc-11ed-abae-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {dcb6a104-ffc3-11ed-abca-001a7dda7115} - "G:\HonorSuiteOnlineInstaller.exe"
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\kaPL74\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> "c:\program files\macrium\common\reflectmonitor.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\kaPL74\AppData\Local\Microsoft\OneDrive\19.232.1124.0008_1\FileCoAuth.exe => No File
FirewallRules: [{540CAC66-0AB1-4F90-83BA-018870892921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
FirewallRules: [{9EC3E7EA-AEEF-4200-814C-5CF9ED23D3BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe => No File
C:\Users\kaPL74\Desktop\cloudcar.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62f03951-55dc-11ed-abae-001a7dda7115} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62f03975-55dc-11ed-abae-001a7dda7115} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f688a34-a5f2-11ed-abbf-001a7dda7115} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b94ff99e-4adc-11ed-abae-001a7dda7115} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcb6a104-ffc3-11ed-abca-001a7dda7115} => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED} => removed successfully
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{540CAC66-0AB1-4F90-83BA-018870892921}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EC3E7EA-AEEF-4200-814C-5CF9ED23D3BA}" => removed successfully
"C:\Users\kaPL74\Desktop\cloudcar.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1247263316 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 674594541 B
Windows/system/drivers => 2113978 B
Edge => 0 B
Firefox => 1167737869 B
Opera => 474371012 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 73896 B
NetworkService => 73896 B
kaPL74 => 10028327 B

RecycleBin => 0 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 31-08-2023 15:29:28)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 15:29:28 ====

Re: Requesting a preventive check, thank you

#5 Post by Rudy »

Deleted; the log should be OK now.

Re: Requesting a preventive check, thank you

#6 Post by kodl74 »

Thank you very much

Re: Requesting a preventive check, thank you

#7 Post by Rudy »

You're welcome! :)
