PC hlasí TROJANa

[Kalashnikow88]

Dobrý den,

prosím o kontrolu logu, notebook hlasí Trojana, vyskakují různá okna.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024
Ran by troch (administrator) on DESKTOP-0GLAP62 (Dell Inc. Precision 7530) (04-01-2024 08:11:37)
Running from C:\Users\troch\OneDrive\Plocha\FRST64.exe
Loaded Profiles: troch
Platform: Microsoft Windows 11 Pro for Workstations Version 22H2 22621.2861 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(Autodesk, Inc. -> ) C:\Users\troch\AppData\Local\Autodesk\webdeploy\meta\streamer\20231122000000\streamer.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Users\troch\AppData\Roaming\Autodesk\ADPSDK\bin\ADPClientService.exe
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.9.18.0\AdskIdentityManager.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23335.205.2559.726_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe <6>
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <34>
(services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\13.2.0.9150\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [18088224 2023-05-02] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\GenuineService.exe [3638792 2023-09-22] (Autodesk, Inc. -> Autodesk)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\Installer\setup.exe [4650448 2023-12-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\Run: [MicrosoftEdgeAutoLaunch_93E8D0CC6B070E2E756B06901F8096CE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2023-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {87D15303-25A8-4C52-B117-30441DAEB7C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175440 2023-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F21DE69-4ACD-4946-8168-D24ECE696134} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175440 2023-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E264372B-FFCE-456C-863B-43106EBA704E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306728 2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {29F568FA-511E-4A8F-8CF1-02351FFD15E7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306728 2024-01-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {69C81D58-9D2A-490E-9F0A-71ED6008C959} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {A1EFA779-99D2-45E7-8A68-F809FB579662} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {62350F45-429E-49E0-9F6F-E3A3EE234DD6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {883D9DF6-994E-4BCB-A805-8B67392AED1F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8834F8A8-76E5-4A47-B1C0-5F578488A59A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {16D12929-BFBC-4612-8B59-AF932AD34130} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78D13951-D0C0-4329-BFE1-50C408DA765E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9340D733-1021-4A6E-A75A-3F34D3DCFBAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B230CFC-DF36-4C54-A43D-C97397F783A0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB2091BA-425A-4507-84E0-6E017A3C753A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1976165619-2754625909-3318537033-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ce095470-0c81-4811-93cd-73443b0a7105}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ce095470-0c81-4811-93cd-73443b0a7105}\4527F63686F667960223C243: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\troch\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-04]
Edge Notifications: Default -> hxxps://porexcosted.co.in
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Dokumenty Google offline) - C:\Users\troch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
Edge Extension: (Edge relevant text changes) - C:\Users\troch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [15772680 2023-06-14] (Autodesk, Inc. -> Autodesk)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894880 2021-05-24] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [10539808 2023-05-21] (Autodesk, Inc. -> Autodesk, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-24] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\NVWMI\nvWmi64.exe [4512888 2023-10-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [362512 2021-05-24] (WDKTestCert CHT1HTSH3180,132475688214743128 -> ALPSALPINE Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_f8dbb140e86553d1\WiMan\WiMan.sys [169552 2022-12-20] (Intel Corporation -> Intel Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-04 08:11 - 2024-01-04 08:12 - 000017725 _____ C:\Users\troch\OneDrive\Plocha\FRST.txt
2024-01-04 08:11 - 2024-01-04 08:11 - 000000000 ____D C:\FRST
2024-01-04 08:07 - 2024-01-04 08:08 - 002387456 _____ (Farbar) C:\Users\troch\OneDrive\Plocha\FRST64.exe
2024-01-03 15:37 - 2024-01-03 15:37 - 000622184 _____ C:\Users\troch\Downloads\cepicka.stl
2024-01-03 15:37 - 2024-01-03 15:37 - 000205878 _____ C:\Users\troch\Downloads\pistalky HC PB.3mf
2024-01-02 20:02 - 2024-01-02 20:02 - 001545038 _____ C:\Users\troch\Downloads\Vanocni-projekt-20-12-2023min.pptx
2024-01-02 18:15 - 2024-01-02 18:12 - 000507728 _____ C:\Users\troch\Downloads\2928483753.pdf
2024-01-02 14:44 - 2024-01-02 14:44 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-12-29 06:52 - 2023-12-29 06:52 - 000639665 _____ C:\Users\troch\Downloads\Poukaz – A7PTF9IX (2).pdf
2023-12-29 06:49 - 2023-12-29 06:49 - 000639665 _____ C:\Users\troch\Downloads\Poukaz – A7PTF9IX (1).pdf
2023-12-29 06:49 - 2023-12-29 06:49 - 000639020 _____ C:\Users\troch\Downloads\Poukaz – NRRUBSNF (2).pdf
2023-12-29 06:49 - 2023-12-29 06:49 - 000639020 _____ C:\Users\troch\Downloads\Poukaz – NRRUBSNF (1).pdf
2023-12-29 06:47 - 2023-12-29 06:47 - 000641130 _____ C:\Users\troch\Downloads\Poukaz – RYNTJTES (1).pdf
2023-12-29 06:47 - 2023-12-29 06:47 - 000640422 _____ C:\Users\troch\Downloads\Poukaz – TXGJIAJ6 (1).pdf
2023-12-29 06:46 - 2023-12-29 06:46 - 000640422 _____ C:\Users\troch\Downloads\Poukaz – TXGJIAJ6.pdf
2023-12-28 19:50 - 2023-12-29 06:46 - 000641130 _____ C:\Users\troch\Downloads\Poukaz – RYNTJTES.pdf
2023-12-26 17:42 - 2023-12-26 17:42 - 000000000 ____D C:\Users\troch\Downloads\Photos-001 (5)
2023-12-26 17:41 - 2023-12-26 17:41 - 002761344 _____ C:\Users\troch\Downloads\Photos-001 (5).zip
2023-12-22 16:31 - 2023-12-22 16:31 - 005718316 _____ C:\Users\troch\OneDrive\Plocha\whistle_fixed_0.4n_0.15mm_PLA_MINI_6h33m.bgcode
2023-12-21 12:51 - 2023-10-31 00:21 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-21 12:51 - 2023-10-31 00:21 - 001226872 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-21 12:51 - 2023-10-31 00:21 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-21 12:51 - 2023-10-31 00:21 - 000849088 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-21 12:51 - 2023-10-31 00:21 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-21 12:51 - 2023-10-31 00:21 - 000713920 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-21 12:51 - 2023-10-31 00:21 - 000653504 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-21 12:51 - 2023-10-31 00:21 - 000653504 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-21 12:51 - 2023-10-31 00:21 - 000637008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-21 12:51 - 2023-10-31 00:21 - 000637008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-21 12:51 - 2023-10-31 00:18 - 001537544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-12-21 12:51 - 2023-10-31 00:18 - 001195656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-12-21 12:51 - 2023-10-31 00:18 - 000934536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-12-21 12:51 - 2023-10-31 00:18 - 000776312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-12-21 12:51 - 2023-10-31 00:18 - 000669320 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-12-21 12:51 - 2023-10-31 00:18 - 000503824 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-12-21 12:51 - 2023-10-31 00:17 - 002167928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-12-21 12:51 - 2023-10-31 00:17 - 001621624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-12-21 12:51 - 2023-10-31 00:17 - 000992376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-12-21 12:51 - 2023-10-31 00:17 - 000768632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-12-21 12:51 - 2023-10-31 00:17 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-12-21 12:51 - 2023-10-31 00:16 - 014520864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 012066312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 006190624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 005845640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 005550088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 003482632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-12-21 12:51 - 2023-10-31 00:16 - 000853640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-12-21 12:51 - 2023-10-31 00:15 - 006737608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-12-21 12:51 - 2023-10-30 23:42 - 000108077 _____ C:\WINDOWS\system32\nvinfo.pb
2023-12-21 10:53 - 2023-12-21 10:53 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-21 10:53 - 2023-12-21 10:53 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-21 00:32 - 2023-12-21 00:32 - 000000000 ___HD C:\OneDriveTemp
2023-12-20 07:19 - 2023-12-20 07:19 - 000690457 _____ C:\Users\troch\Downloads\Poukaz – A7PTF9IX.pdf
2023-12-20 07:19 - 2023-12-20 07:19 - 000689957 _____ C:\Users\troch\Downloads\Poukaz – NRRUBSNF.pdf
2023-12-20 07:12 - 2023-12-20 07:12 - 000217497 _____ C:\Users\troch\Downloads\eTicket_5579713.pdf
2023-12-18 06:46 - 2023-12-18 06:46 - 000662512 _____ C:\Users\troch\Downloads\priloha_1279572797_0_oznámení o PvN - Radek Troch (1).pdf
2023-12-17 11:00 - 2023-12-17 11:19 - 000484584 _____ C:\Users\troch\Downloads\STITEK POHAR.stl
2023-12-17 10:47 - 2023-12-17 10:50 - 000000000 ___HD C:\$WinREAgent
2023-12-12 20:24 - 2023-12-12 20:24 - 000662512 _____ C:\Users\troch\Downloads\priloha_1279572797_0_oznámení o PvN - Radek Troch.pdf
2023-12-11 19:38 - 2023-12-11 19:38 - 004700643 _____ C:\Users\troch\OneDrive\Plocha\medaile PB 3_0.4n_0.1mm_PLA_MINI_6h49m.bgcode
2023-12-11 19:37 - 2023-12-11 19:37 - 000407284 _____ C:\Users\troch\Downloads\medaile PB 3.stl
2023-12-11 19:31 - 2023-12-11 19:31 - 000405884 _____ C:\Users\troch\Downloads\medaile pb 1.stl
2023-12-11 18:23 - 2023-12-11 18:23 - 004405003 _____ C:\Users\troch\OneDrive\Plocha\Medaile1_0.4n_0.1mm_PLA_MINI_6h36m.bgcode
2023-12-11 18:08 - 2023-12-11 18:08 - 000389784 _____ C:\Users\troch\Downloads\Medaile1.stl
2023-12-11 18:05 - 2023-12-11 18:05 - 000710184 _____ C:\Users\troch\Downloads\Medaile .stl
2023-12-11 17:28 - 2023-12-11 17:28 - 000000000 ____D C:\Users\troch\Downloads\Mini Hockey Stick and Puck - 160811
2023-12-08 18:07 - 2023-12-26 17:40 - 000000000 ____D C:\Users\troch\Downloads\Photos-001 (2)
2023-12-07 21:14 - 2023-12-07 21:14 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-12-07 21:02 - 2023-12-07 21:02 - 000096084 _____ C:\Users\troch\Downloads\5mm.stl
2023-12-07 21:02 - 2023-12-07 21:02 - 000062284 _____ C:\Users\troch\Downloads\4mm.stl
2023-12-07 11:39 - 2023-12-07 11:27 - 001074981 _____ C:\Users\troch\OneDrive\Plocha\3mm_0.4n_0.15mm_PLA_MINI_2h54m.bgcode
2023-12-07 11:04 - 2023-12-07 11:04 - 000085384 _____ C:\Users\troch\Downloads\3mm.stl
2023-12-07 11:04 - 2023-12-07 11:04 - 000064184 _____ C:\Users\troch\Downloads\2mm.stl
2023-12-07 11:04 - 2023-12-07 11:04 - 000047984 _____ C:\Users\troch\Downloads\1mm.stl
2023-12-06 18:21 - 2023-12-06 18:21 - 000600429 _____ C:\Users\troch\Downloads\Troch.pdf
2023-12-06 11:23 - 2023-12-06 11:23 - 000000000 ____D C:\Users\troch\Downloads\Informace o stavu Vaseho pojisteni 3198908217
2023-12-06 09:59 - 2023-12-06 09:12 - 019512765 _____ C:\Users\troch\OneDrive\Plocha\spunt 65,5_0.4n_0.25mm_PLA_MINI_18h43m.bgcode
2023-12-06 09:10 - 2023-12-06 09:08 - 016231181 _____ C:\Users\troch\OneDrive\Plocha\spunt 53_0.4n_0.25mm_PLA_MINI_15h8m.bgcode
2023-12-05 10:44 - 2023-12-05 10:43 - 003387170 _____ C:\Users\troch\OneDrive\Plocha\spunt 53_0.4n_0.25mm_PLA_MINI_2h59m.bgcode
2023-12-05 10:43 - 2023-12-05 10:43 - 004056217 _____ C:\Users\troch\OneDrive\Plocha\spunt 65,5_0.4n_0.25mm_PLA_MINI_3h40m.bgcode
2023-12-05 10:43 - 2023-12-05 10:35 - 007283219 _____ C:\Users\troch\OneDrive\Plocha\spunt 53_0.4n_0.25mm_PLA_MINI_6h48m.bgcode

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-04 08:12 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-04 08:11 - 2023-06-05 12:51 - 000000000 ____D C:\Users\troch\AppData\Roaming\PrusaSlicer
2024-01-04 08:04 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-04 08:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-01-04 08:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-03 16:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-03 16:12 - 2023-08-08 15:51 - 000000000 ____D C:\Users\troch\AppData\Roaming\Microsoft\Excel
2024-01-03 15:45 - 2023-08-06 16:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-03 15:43 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-03 15:16 - 2023-06-05 12:15 - 000000000 ____D C:\Users\troch\AppData\Local\Autodesk
2024-01-03 15:04 - 2023-06-01 11:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-02 20:03 - 2023-06-01 11:23 - 000000000 ____D C:\Users\troch\AppData\Local\Packages
2023-12-23 00:02 - 2023-06-01 11:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-21 12:52 - 2023-06-01 11:24 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-21 12:52 - 2023-06-01 11:24 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-12-21 10:53 - 2023-08-06 16:16 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-21 10:50 - 2023-06-01 11:23 - 000000000 ____D C:\Users\troch\AppData\Local\D3DSCache
2023-12-21 10:49 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-21 00:32 - 2023-07-20 15:33 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-12-21 00:32 - 2023-06-01 11:24 - 000000000 ___RD C:\Users\troch\OneDrive
2023-12-21 00:31 - 2023-08-06 16:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-21 00:31 - 2023-08-06 16:12 - 000455280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-21 00:31 - 2023-06-01 11:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-21 00:31 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-21 00:30 - 2023-11-07 00:00 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2023-12-21 00:30 - 2023-06-02 20:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-12-21 00:30 - 2022-05-07 11:14 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-21 00:30 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-21 00:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-21 00:30 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-12-21 00:30 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2023-12-21 00:29 - 2023-08-06 16:13 - 000000000 ____D C:\Users\troch
2023-12-17 11:06 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-17 11:01 - 2023-08-06 16:16 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-16 14:31 - 2023-08-06 16:18 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1976165619-2754625909-3318537033-1001
2023-12-16 14:31 - 2023-08-06 16:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-12-16 14:31 - 2023-06-01 11:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-09 15:31 - 2023-06-01 11:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-07 21:15 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-07 06:53 - 2023-06-21 18:14 - 000000000 ____D C:\Users\troch\AppData\Roaming\Microsoft\Word
2023-12-05 10:46 - 2023-11-22 16:52 - 000000000 ____D C:\Users\troch\OneDrive\Plocha\Pavel nabídky

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2024
Ran by troch (04-01-2024 08:13:16)
Running from C:\Users\troch\OneDrive\Plocha
Microsoft Windows 11 Pro for Workstations Version 22H2 22621.2861 (X64) (2023-08-06 15:18:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1976165619-2754625909-3318537033-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1976165619-2754625909-3318537033-503 - Limited - Disabled)
Guest (S-1-5-21-1976165619-2754625909-3318537033-501 - Limited - Disabled)
troch (S-1-5-21-1976165619-2754625909-3318537033-1001 - Administrator - Enabled) => C:\Users\troch
WDAGUtilityAccount (S-1-5-21-1976165619-2754625909-3318537033-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D-Tool V16 (HKLM-x32\...\3D-Tool V16) (Version: V16.00 - 3D-Tool GmbH & Co. KG)
AutoCAD Open in Desktop (HKLM\...\{E03EC70C-079C-4B5D-86D1-75759A46ED71}) (Version: 1.0.27.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{8ECA94E8-BB0D-4E0C-AD18-817EA930E700}) (Version: 3.4.1 - Autodesk)
Autodesk AutoCAD 2024 – Čeština (Czech) (HKLM\...\{0A931BD6-E930-3242-9C98-038D50791164}) (Version: 24.3.61.0 - Autodesk, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.17954 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM\...\{E5AB199F-1837-453E-8A48-DC6366310F15}) (Version: 7.3.0.222 - Autodesk)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.9.18.0 - Autodesk)
Autodesk Interoperability Engine Manager (HKLM\...\{412B8C29-F1BC-3791-A0BA-490A502077FA}) (Version: 1.1.0.28 - Autodesk.com) Hidden
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa CW1 (02/13/2013 1.0.0.0) (HKLM\...\B10CCB939D59F72AA817B257D84328FC4A1DC752) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK2 (02/13/2013 1.0.0.0) (HKLM\...\E6CFEF5357DD0E2F987E98779FD6603959DA391B) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK3 Multi Material 2.0 upgrade (02/13/2013 1.0.0.0) (HKLM\...\FA562E43945E7D9CAC76A811E49088FF2255A11A) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Prusa i3 Plus MK3 3D printer (02/13/2013 1.0.0.0) (HKLM\...\890B56493F7CACBCA0E70EA8EBFD9A18BC780C34) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - UltiMachine 3D Printer (RAMBo) (02/13/2013 1.0.0.0) (HKLM\...\D77EC126405DC217C7BF7DA6669B51E297D5CF23) (Version: 02/13/2013 1.0.0.0 - UltiMachine)
blender (HKLM\...\{C6318CE0-4C79-469E-9097-6A75C0DD6589}) (Version: 3.5.1 - Blender Foundation)
Česká lokalizace pro Autodesk® Fusion 360 verze V8.2 (HKLM-x32\...\Česká lokalizace pro Autodesk® Fusion 360_is1) (Version: V8.2 - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.)
Glovius (HKLM\...\{85E2D4A1-7567-49A0-9BE1-613BA5031619}) (Version: 6.1.159 - HCL Technologies Ltd.)
Microsoft .NET Host - 6.0.8 (x64) (HKLM\...\{6950FA03-8B88-4675-B685-FB21CA1762CC}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.8 (x64) (HKLM\...\{3C3CA326-3F1D-43B7-B0AD-CBC06B2DED5A}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.8 (x64) (HKLM\...\{7CEA3ABF-FE24-42AF-ADE6-B4A3EE346743}) (Version: 48.35.45462 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation)
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.17029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM\...\{EB3983F9-3D60-456D-A11A-C1366C79AD3E}) (Version: 48.35.45540 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.8 (x64) (HKLM-x32\...\{ca35acb3-b442-44fb-924c-4448120bf689}) (Version: 6.0.8.31518 - Microsoft Corporation)
NVIDIA Ovladače grafiky 536.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.45 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden
PrusaSlicer verze 2.7.0 (HKLM\...\PrusaSlicer_is1) (Version: 2.7.0 - Prusa Research s.r.o.)
Speciální aplikace Autodesk (HKLM-x32\...\{00A2237F-C1A4-4498-8B21-24CA66D8C756}) (Version: 3.4.1 - Autodesk)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{AC9D2EAD-0DA0-4E0B-8672-546F5B1E6E73}) (Version: 3.0.31 - Autodesk)

Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2023-12-20] (Microsoft Corporation)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.0.22.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-21] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-08-06] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-20] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2023-12-21] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-21] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{169B5B8E-E315-41C7-9574-66FC7E530D10}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{AF18D91C-A699-4578-ADC6-972F3BA007F0}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2024\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\troch\AppData\Local\Autodesk\webdeploy\production\b0c303e70bd97cfdc195adab65922cfeffcb363a\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2024\cs-CZ\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1976165619-2754625909-3318537033-1001_Classes\CLSID\{FAAFCC88-D74A-427A-88E2-516814949B6F}\localserver32 -> C:\Program Files\Glovius\Glovius\glovius.exe (HCL America Inc. -> HCL Technologies Ltd.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2023-07-20] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2023-07-20] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_1a23b5002e352bab\nvshext.dll [2023-10-31] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-12-21 00:32 - 2023-12-21 00:32 - 000357888 ____N () [File not signed] \\?\C:\Users\troch\AppData\Local\Temp\50ef406a-7e65-4de0-9fd1-6a77f40d54bd.tmp.node
2023-12-21 00:32 - 2023-12-21 00:32 - 000915456 ____N () [File not signed] \\?\C:\Users\troch\AppData\Local\Temp\56358953-0ad5-4e24-bdbc-1de4b686f664.tmp.node

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D73DAAAB-8891-4DC5-B3FE-50A1329128D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.205.2559.726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{143360FC-D663-4B28-A7A2-CFCBD83E9368}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23335.205.2559.726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC3E62C4-D283-41EB-A8FB-0D106E4AC7D5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{064A06CF-D0D8-4F6A-9DD7-5ADCF931B5F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC0BC749-DC21-4DE2-BC01-8A76F9272425}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1705DD3C-DD05-42A2-8918-2C1EF1E8E9FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7B76EB5E-A26C-4AB6-AF1C-AB71D2D4B333}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00B84232-73FD-4F41-A7E8-241CEC914C3F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-12-2023 12:51:05 Windows Update
03-01-2024 15:43:51 Windows Update

==================== Faulty Device Manager Devices ============

Name: Broadcom NFP
Description: Broadcom NFP
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Waves Audio Effects Component
Description: Waves Audio Effects Component
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Broadcom USH w/touch sensor
Description: Broadcom USH w/touch sensor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2023 12:32:22 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-0GLAP62)
Description: C:\Users\troch\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/21/2023 12:30:36 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (12/21/2023 12:30:36 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (12/21/2023 12:30:36 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (12/20/2023 07:12:47 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.22621.2506 programu SystemSettings.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (12/18/2023 10:21:38 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-0GLAP62)
Description: C:\Users\troch\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894

Error: (12/17/2023 10:44:00 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-0GLAP62)
Description: Název chybující aplikace: Widgets.exe, verze: 421.20070.2010.0, časové razítko: 0x654405cc
Název chybujícího modulu: Widgets.exe, verze: 421.20070.2010.0, časové razítko: 0x654405cc
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000157d7b
ID chybujícího procesu: 0x0x20e4
Čas spuštění chybující aplikace: 0x0x1da1e25b3984786
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
ID zprávy: b19d1965-d1fb-4bd5-ba77-dfcfbb461179
Úplný název chybujícího balíčku: MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: Widgets

Error: (12/03/2023 08:40:25 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 13) (User: DESKTOP-0GLAP62)
Description: C:\Users\troch\AppData\Local\Publishers\8wekyb3d8bbwe\TeamsSharedConfigMicrosoftTeams_8wekyb3d8bbwe-2147024894


System errors:
=============
Error: (01/03/2024 03:10:03 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (01/03/2024 03:10:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).

Error: (01/03/2024 03:08:57 PM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\000000f0).

Error: (01/03/2024 03:05:35 PM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\000000f0).

Error: (01/03/2024 03:05:35 PM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\000000f0).

Error: (12/20/2023 07:16:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (12/20/2023 07:14:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (12/20/2023 07:13:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.


Windows Defender:
================
Date: 2024-01-03 16:17:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BC7A4C97-4C06-4EF5-8498-9887B62D37C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-02 16:40:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B663B74A-ABBC-4DC0-800E-4024D715CC4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-22 16:38:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {55BB0431-974B-4B55-BC43-83650C3F98D8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-21 12:51:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE426332-3186-40B7-B189-F4172E98E289}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-12 19:01:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9F725EBB-5D3A-4C9B-A64F-E9850681FE4B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-11-24 08:39:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-05 20:19:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-09-22 16:23:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-10 00:28:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-08 18:42:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.8.2 04/26/2019
Motherboard: Dell Inc. 0C1D71
Processor: Intel(R) Xeon(R) E-2186M CPU @ 2.90GHz
Percentage of memory in use: 28%
Total physical RAM: 32600.21 MB
Available physical RAM: 23376.83 MB
Total Virtual: 34648.21 MB
Available Virtual: 22580.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.08 GB) (Free:859.9 GB) (Model: NVMe PC401 NVMe SK hy) NTFS

\\?\Volume{31776275-5799-4db3-8d4c-78331b8ca0b0}\ () (Fixed) (Total:0.68 GB) (Free:0.07 GB) NTFS
\\?\Volume{8bc3efc1-e7ad-4d97-8568-2f00a833f131}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Kalashnikow88]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-04-2024
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.2861)
# Scanned: 32045
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########





# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-04-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.2861)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [04/01/2024 09:29:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Kalashnikow88]

Toto vyskakuje

[Rudy]

ADWC je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {A1EFA779-99D2-45E7-8A68-F809FB579662} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {62350F45-429E-49E0-9F6F-E3A3EE234DD6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {883D9DF6-994E-4BCB-A805-8B67392AED1F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\troch\AppData\Local\Temp

EmptyTemp:
End

Uložte do C:\Users\troch\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Kalashnikow88]

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2024
Ran by troch (04-01-2024 14:03:14) Run:1
Running from C:\Users\troch\OneDrive\Plocha
Loaded Profiles: troch
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\...\Policies\Explorer: []
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {A1EFA779-99D2-45E7-8A68-F809FB579662} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {62350F45-429E-49E0-9F6F-E3A3EE234DD6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {883D9DF6-994E-4BCB-A805-8B67392AED1F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\troch\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1976165619-2754625909-3318537033-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A1EFA779-99D2-45E7-8A68-F809FB579662}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1EFA779-99D2-45E7-8A68-F809FB579662}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62350F45-429E-49E0-9F6F-E3A3EE234DD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62350F45-429E-49E0-9F6F-E3A3EE234DD6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{883D9DF6-994E-4BCB-A805-8B67392AED1F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{883D9DF6-994E-4BCB-A805-8B67392AED1F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully

"C:\Users\troch\AppData\Local\Temp" folder move:

C:\Users\troch\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43169960 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7200298 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4250 B
NetworkService => 88568 B
troch => 1277678 B

RecycleBin => 3806110939 B
EmptyTemp: => 3.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:03:19 ====

[Rudy]

Smazáno. Hláška zmizela?

[Kalashnikow88]

vyskakuje stale

[Kalashnikow88]

I jine a podobne hlasky

[Kalashnikow88]

a tato

[Rudy]

OK. Jak se jmenuje ten soubor, od něhož hlášky pochází? Bude vc:\user\win\config. Toto je adresář, já ale potřebuji znát název souboru.

[Kalashnikow88]

Bohuzel se mi nedari do adresare dostat, cesta neexistuje

[JaRon]

Samozrejme v tomto pripade neexistuje cesta, ale ani virus
Doporucujem: nastavit v Edge blokovanie reklam a hlaseni + zmazat cookies