Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Spomalený internet

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Spomalený internet

#1 Příspěvek od Lorax »

Dobrý den, prosím o kontrolu logů. Jde především o velmi zasekané přehrávání videí v prohlíčeči. Předem děkuji

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.01.2024
Ran by xawie (administrator) on DESKTOP-N4399C5 (13-01-2024 08:39:31)
Running from C:\Users\xawie\Downloads\FRST64.exe
Loaded Profiles: xawie
Platform: Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(sihost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2312.1001.18.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640 2023-10-27] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [ATNSOFT Key Remapper] => C:\Program Files (x86)\ATNSOFT Key Remapper\keyremapper.exe [2177456 2022-02-18] (ATNSOFT -> ATNSOFT)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [7039464 2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2022-12-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2044568 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2603944 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2603944 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2603944 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [818864 2021-12-15] (OpenVPN Inc. -> )
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [Discord] => C:\Users\xawie\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37180368 2023-12-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher [1848320 2017-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3542536 2022-12-13] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Run: [MicrosoftEdgeAutoLaunch_EF26055A53941B8600C4FA645E59D117] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854272 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\WINDOWS\system32\eed_ec.dll,SpeedLauncher [1848320 2017-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\ssd6cPC: C:\Windows\System32\spool\prtprocs\x64\ssd6cpc.dll [43520 2017-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\ssy6cPC: C:\Windows\System32\spool\prtprocs\x64\ssy6cpc.dll [43520 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssd6c Langmon: C:\WINDOWS\system32\ssd6clm.dll [22528 2017-07-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ssy6c Langmon: C:\WINDOWS\system32\ssy6clm.dll [22528 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.217\Installer\chrmstp.exe [2024-01-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{ECDEB23C-E72D-F54F-081D-D2180DBF1497}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {9438E614-B5F5-4BCC-A1E2-70B4C506B4CE} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {588A36CA-97A9-4563-AE04-1CC25C5CC71D} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [329216 2022-03-09] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3A86A18D-A17F-417F-8100-8D867F36743B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8A8D0514-CB31-4B35-8A53-5A4DBED35806} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "1f3eb764-210e-43a4-a711-c2e63ef89756" --version "6.19.10858" --silent
Task: {80CC9D71-E18A-4AAA-B368-DA28E59B8933} - System32\Tasks\CCleanerSkipUAC - xawie => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {37408D00-90E5-479F-81AA-A7D9066C10DD} - System32\Tasks\CorelUpdateHelperTask-4E87A419AF20C0AF5D579748F10645CB => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation)
Task: {9249AE7C-05E2-4A1D-B093-05AAA1147356} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation)
Task: {F848ED3F-380D-4303-A7A5-7033761548C6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{96AB8147-73F5-4129-A784-56518144BBC9} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {482B70F5-7F02-4CF7-B618-12EF0B6675C1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60888 2024-01-12] (HP Inc. -> HP Inc.)
Task: {E4780DA3-4EA0-4AFB-8720-2040EC43F920} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60888 2024-01-12] (HP Inc. -> HP Inc.)
Task: {C29F5148-9A0E-4E0E-8ECA-0D68004FDD4A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28176360 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {937D3116-8A0A-4803-9A86-03E5F98493A1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28176360 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BD7430C-F094-4BF7-86F7-5CD52054B299} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306632 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E28383F-9979-4D5A-B1BA-869B45F780DA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306632 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1EAA068-9C18-406E-97AE-C732A8314F1B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EA2415C-675E-415D-A433-A32CCC1B149D} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4413848 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (No File)
Task: {06DCB861-A372-4362-91D4-C467001994F2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (No File)
Task: {4ED1FB17-3942-439E-AF43-50CB8FED9536} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {69AF7C97-73EA-4CE9-822B-B4446A55D564} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1146360 2022-03-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {52600C69-7DAC-4E02-BAF2-F5D660AADFA8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {3405615A-7FB7-41B1-AD48-FC7FBD0763F3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-65323361-3339110103-3339747079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A995544-C1BB-4338-A371-C1CF9763A4E7} - System32\Tasks\PandaCloseProxyStartUp => C:\Users\xawie\AppData\Roaming\Panda\CloseProxy.exe  (No File)
Task: {74518045-4A27-4712-8354-3BC950DF23F5} - System32\Tasks\RazerCortexScheduleClean => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [543736 2022-12-13] (Razer USA Ltd. -> Razer Inc.)
Task: {7237D327-9560-4A52-8144-89FEE051E41A} - System32\Tasks\SmartShare => C:\Program Files (x86)\LG Software\LG Smart Share\SmartShareStart.exe [513216 2017-12-12] (LG Electronics Inc. -> LG Electronics Inc.)
Task: {A29DDEE1-806A-4DA1-89CE-93B065CA5B11} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [56760 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {958D2EA4-0474-4165-A41A-1C85D8E997E2} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{057b60af-9642-4dbc-9121-698e40adede1}: [DhcpNameServer] 1.1.1.1
Tcpip\..\Interfaces\{5f5c4adf-9bd7-4708-b7af-368be1760a3e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5f5c4adf-9bd7-4708-b7af-368be1760a3e}: [DhcpDomain] home
Tcpip\..\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}: [NameServer] 172.17.3.1
Tcpip\..\Interfaces\{e9fc4b02-701e-4af2-8dd7-f1522e29c1fc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e9fc4b02-701e-4af2-8dd7-f1522e29c1fc}: [DhcpDomain] home
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\xawie\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\xawie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-24]
Edge Extension: (Edge relevant text changes) - C:\Users\xawie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-24]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2023-01-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2023-01-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default [2024-01-13]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com
CHR Extension: (MEGA) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2024-01-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-10]
CHR Extension: (Adblock na Youtube™) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2024-01-09]
CHR Extension: (Tipli do prohlížeče) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-11-10]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-13]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2023-02-20]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2022-12-09]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2024-01-11]
CHR Extension: (Video DownloadHelper) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2024-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-03]
CHR Profile: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-02]
CHR Profile: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-06-02]
CHR Extension: (Prezentace) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-04]
CHR Extension: (Dokumenty) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-04]
CHR Extension: (Disk Google) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-04]
CHR Extension: (YouTube) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-04]
CHR Extension: (Adobe Acrobat) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-01-04]
CHR Extension: (Tabulky) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04]
CHR Extension: (Gmail) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-04]
CHR Profile: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-18]
CHR Profile: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [833600 2024-01-13] (ASUSTeK Computer Inc. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233632 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
S4 CortexLauncherService; C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncherService.exe [588200 2022-12-13] (Razer USA Ltd. -> Razer Inc.)
S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2022-08-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-10] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-09-18] (Epic Games Inc. -> Epic Games, Inc.)
S4 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncHelper.exe [3444656 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
S2 GoogleUpdaterInternalService122.0.6234.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6234.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3848680 2022-05-18] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2024-01-12] (HP Inc. -> HP Inc.)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2023-01-12] (Malwarebytes Inc. -> Malwarebytes)
S4 NativePushService; C:\Users\xawie\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S4 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.096.0507.0001\OneDriveUpdaterService.exe [3780000 2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64176 2021-12-15] (OpenVPN Inc. -> The OpenVPN Project)
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
S2 Razer Game Manager Service 3; C:\Program Files (x86)\Razer\Razer Services\GMS3\GameManagerService3.exe [362760 2022-11-23] (Razer USA Ltd. -> Razer Inc)
S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2022-12-12] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2559896 2022-02-24] (Rockstar Games, Inc. -> Rockstar Games)
S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-10-24] (Razer USA Ltd. -> Razer Inc.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9572824 2023-10-27] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 windowsnetservicehelper.exe; C:\Program Files (x86)\WindowsNetService\daemon\windowsnetservicehelper.exe [59392 2023-02-24] (CloudBees, Inc.) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [310216 2023-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [54720 2022-09-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [43336 2022-03-08] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys [94467928 2023-04-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2023-02-04] (Microsoft Corporation) [File not signed]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2022-05-18] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0094; C:\WINDOWS\System32\drivers\RzDev_0094.sys [55376 2021-01-21] (Razer USA Ltd. -> Razer Inc)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2023-01-05] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-03-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [21679192 2023-10-27] (Riot Games, Inc. -> Riot Games, Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2023-04-28] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29680 2023-02-24] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 fnjpqamg; \??\C:\WINDOWS\system32\drivers\fnjpqamg.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-13 08:39 - 2024-01-13 08:39 - 000032087 _____ C:\Users\xawie\Downloads\FRST.txt
2024-01-13 08:39 - 2024-01-13 08:39 - 000000000 ____D C:\FRST
2024-01-13 08:38 - 2024-01-13 08:38 - 002389504 _____ (Farbar) C:\Users\xawie\Downloads\FRST64.exe
2024-01-13 08:04 - 2024-01-13 08:04 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-13 08:04 - 2024-01-13 08:04 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-13 07:57 - 2024-01-13 07:57 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-01-12 18:51 - 2024-01-12 18:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-01-11 20:26 - 2024-01-11 20:26 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-11 18:53 - 2024-01-11 18:53 - 008791352 _____ (Malwarebytes) C:\Users\xawie\Downloads\adwcleaner_8.4.0.exe
2024-01-11 18:53 - 2024-01-11 18:53 - 002606880 _____ (Malwarebytes) C:\Users\xawie\Downloads\MBSetup.exe
2024-01-10 20:18 - 2024-01-10 20:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-01-10 16:18 - 2024-01-10 16:20 - 000000000 ___HD C:\$WinREAgent
2024-01-10 14:55 - 2024-01-12 18:51 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-01-10 14:55 - 2024-01-10 14:58 - 2819051277 _____ C:\Users\xawie\Downloads\Uprchlík CZdabing 1993 Akcni Thriller 1080p.mkv
2024-01-10 14:51 - 2024-01-10 14:53 - 1913033698 _____ C:\Users\xawie\Downloads\Šerifové (1998 Akční-Krimi-Thriller) Cz dabing-partner-23637728.avi
2024-01-09 15:14 - 2024-01-09 15:17 - 124557632 _____ C:\Users\xawie\Downloads\Napoleon.2023.CZ titulky vloženy.avi
2024-01-06 10:28 - 2024-01-06 10:26 - 001661305 _____ C:\Users\xawie\OneDrive - VSB-TUO\Plocha\SCN_0003.pdf
2024-01-05 19:20 - 2024-01-05 19:20 - 000007937 _____ C:\Users\xawie\Downloads\LJDUnuIkk26rHJQiE0Of4.zip
2024-01-05 19:19 - 2024-01-05 19:19 - 000005260 _____ C:\Users\xawie\Downloads\2G73YY0IoaXdcMKB5LXwr (2).zip
2024-01-05 19:16 - 2024-01-05 19:16 - 000004336 _____ C:\Users\xawie\Downloads\jUeMyFtZqDRt2_EnKf3ZN.zip
2024-01-05 19:15 - 2024-01-05 19:15 - 000005260 _____ C:\Users\xawie\Downloads\2G73YY0IoaXdcMKB5LXwr (1).zip
2024-01-05 18:15 - 2024-01-05 18:15 - 000012039 _____ C:\Users\xawie\Downloads\OTUqVep_vaUfELx8ogHAj.zip
2024-01-05 18:14 - 2024-01-05 18:14 - 000001079 _____ C:\Users\xawie\Downloads\0lJZFxDXrlXapBa8GgotT.zip
2024-01-05 18:08 - 2024-01-05 18:08 - 000001983 _____ C:\Users\xawie\Downloads\K0XDzHNTF-nAzzBHXxK9v.zip
2024-01-05 18:04 - 2024-01-05 18:04 - 000001891 _____ C:\Users\xawie\Downloads\EAFIS6d23PT6s-NZZE3HG.zip
2024-01-05 18:03 - 2024-01-05 18:03 - 000005260 _____ C:\Users\xawie\Downloads\2G73YY0IoaXdcMKB5LXwr.zip
2024-01-05 18:00 - 2024-01-05 18:00 - 000000713 _____ C:\Users\xawie\Downloads\xY1hP-EQtP-ibWUqXt-z9.zip
2024-01-04 20:19 - 2024-01-04 20:20 - 1721431836 _____ C:\Users\xawie\Downloads\2023 - Hry o Zivot Balada o ptácích a hadech CZ Titulky - Hunger Games The Ballad of Songbirds and Snakes CzTit - Akcni, Dobrodruzny, Sci-Fi.mkv
2024-01-04 18:22 - 2024-01-04 18:22 - 000002189 _____ C:\Users\xawie\Downloads\ZB79bsPMJ240OaC1wUl0d.zip
2024-01-02 17:44 - 2024-01-02 17:44 - 034421084 _____ C:\Users\xawie\Downloads\wetransfer_image00001-jpeg_2024-01-01_1952.zip
2024-01-01 22:45 - 2024-01-01 22:45 - 000000000 ____D C:\Users\xawie\Downloads\Anno_1800_CZ_v1.36
2023-12-22 20:24 - 2023-12-22 20:24 - 000000000 ____D C:\Users\xawie\AppData\Local\mod.io
2023-12-22 20:24 - 2023-12-22 20:24 - 000000000 ____D C:\Users\Public\mod.io
2023-12-22 17:08 - 2023-12-22 17:09 - 002534890 _____ C:\Users\xawie\Downloads\Anno_1800_CZ_v1.36.zip
2023-12-22 14:56 - 2023-12-22 14:56 - 000001289 _____ C:\Users\xawie\Downloads\UplayR2Unlocker.zip
2023-12-22 14:44 - 2023-12-22 14:44 - 000000325 _____ C:\Users\xawie\OneDrive - VSB-TUO\Plocha\Anno 1800.url
2023-12-22 14:26 - 2023-12-22 14:26 - 003172632 _____ C:\Users\xawie\Downloads\UplayR2Unlocker-v3.0.1.zip
2023-12-19 21:59 - 2023-12-19 14:47 - 069211129 _____ C:\Users\xawie\OneDrive - VSB-TUO\Plocha\Backup_of_vanoce 2017-2023.cdr
2023-12-19 14:47 - 2023-12-19 21:59 - 071017981 _____ C:\Users\xawie\OneDrive - VSB-TUO\Plocha\vanoce 2017-2023.cdr
2023-12-18 15:58 - 2023-12-18 15:58 - 001522749 _____ C:\Users\xawie\Downloads\NakataFujitaTakewakiChapter.pdf
2023-12-18 07:41 - 2024-01-12 23:41 - 000260102 _____ C:\Users\xawie\OneDrive - VSB-TUO\Plocha\Časopisy.xlsx
2023-12-17 10:47 - 2023-12-17 10:47 - 000000000 ____D C:\Users\xawie\AppData\Local\O2
2023-12-16 12:09 - 2023-12-16 12:09 - 001035895 _____ C:\Users\xawie\Downloads\Dialnet-ModelingOfOrganizationalAndTechnologicalSolutionsF-8810199.pdf
2023-12-15 15:15 - 2023-12-15 15:16 - 662610108 _____ C:\Users\xawie\Downloads\Rudolf-(1)-sob-s-cervenym-nosem-(1998).avi
2023-12-15 11:53 - 2023-12-15 11:53 - 002999711 _____ C:\Users\xawie\Downloads\2BE730D6-15C7-47A0-BFF3-E48B71040F96.jpeg

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-13 08:38 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-13 08:34 - 2022-01-04 09:22 - 000000000 ____D C:\Users\xawie\AppData\Roaming\uTorrent Web
2024-01-13 08:31 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-13 08:31 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-13 08:27 - 2022-01-03 21:42 - 000000000 ____D C:\Program Files (x86)\Steam
2024-01-13 08:22 - 2022-01-03 18:54 - 000000000 ____D C:\Users\xawie\AppData\Local\D3DSCache
2024-01-13 08:04 - 2023-02-04 14:23 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-13 08:04 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-13 07:59 - 2022-01-03 21:19 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2024-01-13 07:57 - 2023-02-04 13:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-13 07:57 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-13 07:57 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-13 07:57 - 2022-01-03 18:40 - 000872200 _____ C:\WINDOWS\system32\wpbbin.exe
2024-01-13 07:57 - 2022-01-03 18:40 - 000833600 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2024-01-13 07:57 - 2022-01-03 18:40 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-12 23:42 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-01-12 23:41 - 2022-01-26 21:26 - 000000000 ____D C:\Users\xawie\AppData\Roaming\discord
2024-01-12 23:41 - 2022-01-04 14:54 - 000000000 ____D C:\Users\xawie\AppData\Roaming\Microsoft\Excel
2024-01-12 23:17 - 2023-02-04 13:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-12 23:15 - 2022-01-26 21:26 - 000000000 ____D C:\Users\xawie\AppData\Local\Discord
2024-01-12 21:02 - 2023-02-26 15:43 - 000003336 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-4E87A419AF20C0AF5D579748F10645CB
2024-01-12 20:12 - 2020-07-02 18:52 - 000000000 ____D C:\Filmy
2024-01-12 16:33 - 2022-01-03 21:24 - 000000000 ____D C:\Users\xawie\AppData\Roaming\Microsoft\Word
2024-01-12 14:47 - 2023-01-16 15:09 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-12 14:46 - 2022-01-03 18:59 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-12 14:36 - 2022-01-03 21:43 - 000000000 ____D C:\Users\xawie\AppData\Local\Steam
2024-01-11 20:26 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-01-11 20:25 - 2022-01-03 20:50 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-10 20:18 - 2022-01-03 19:49 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-10 16:26 - 2022-01-03 18:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 16:23 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 16:23 - 2022-01-03 18:58 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-09 22:39 - 2022-01-03 21:24 - 000000000 ____D C:\Users\xawie\AppData\Roaming\Microsoft\Office
2024-01-09 19:20 - 2022-01-03 18:54 - 000000000 ____D C:\Users\xawie\AppData\Local\Packages
2024-01-09 13:55 - 2023-03-17 13:53 - 000000000 ____D C:\Users\xawie\AppData\Local\Ubisoft Game Launcher
2024-01-07 23:17 - 2023-02-04 12:04 - 000000000 ____D C:\Users\xawie
2024-01-07 16:07 - 2021-07-11 21:23 - 000000000 ____D C:\Users\xawie\AppData\Local\CrashDumps
2024-01-05 18:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-01-04 14:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-01-01 22:59 - 2023-09-29 12:33 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-01-01 22:59 - 2023-02-04 13:51 - 000635816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-01 22:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-01 22:47 - 2022-11-24 16:29 - 000000000 ____D C:\Users\xawie\OneDrive - VSB-TUO\Dokumenty\Anno 1800
2024-01-01 21:52 - 2021-05-21 08:07 - 000000000 ____D C:\Users\xawie\AppData\Local\AMD_Common
2023-12-22 14:42 - 2022-01-03 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
2023-12-22 14:36 - 2023-11-24 21:02 - 000000000 ____D C:\Users\xawie\OneDrive - VSB-TUO\Plocha\MC 24.11.2023
2023-12-22 14:26 - 2022-09-10 17:19 - 000000000 ____D C:\Program Files\Epic Games
2023-12-21 15:21 - 2022-01-25 11:55 - 000000000 ____D C:\ProgramData\Samsung
2023-12-19 11:58 - 2022-01-03 20:07 - 000000000 ____D C:\ProgramData\Adobe
2023-12-19 11:58 - 2022-01-03 18:54 - 000000000 ____D C:\Users\xawie\AppData\Roaming\Adobe
2023-12-19 11:58 - 2020-09-09 09:20 - 000000000 ____D C:\Users\xawie\AppData\Local\Adobe
2023-12-16 10:40 - 2023-01-30 15:08 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-16 10:40 - 2022-01-03 21:28 - 000000000 ____D C:\Program Files\CCleaner
2023-12-15 21:54 - 2022-01-03 18:54 - 000000000 ____D C:\ProgramData\Packages
2023-12-15 07:56 - 2023-02-04 13:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-15 07:56 - 2023-02-04 13:54 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-14 16:22 - 2023-02-04 13:54 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-14 16:12 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate

==================== Files in the root of some directories ========

2022-01-15 17:28 - 2022-01-15 17:28 - 000000973 _____ () C:\Users\xawie\fade1ccb-c3bb-3801-b3db-5d2eae323206.dat
2023-02-26 08:45 - 2023-03-20 22:03 - 000208896 _____ () C:\Users\xawie\AppData\Roaming\emp.bin
2022-03-06 13:35 - 2023-03-11 23:01 - 000007349 _____ () C:\Users\xawie\AppData\Roaming\VoiceMeeterDefault.xml
2022-08-21 08:38 - 2022-08-21 08:38 - 000005390 _____ () C:\Users\xawie\AppData\Local\9468080671
2020-09-09 20:04 - 2020-09-09 20:04 - 000000000 _____ () C:\Users\xawie\AppData\Local\oobelibMkey.log
2021-05-21 08:14 - 2021-05-21 08:14 - 000007605 _____ () C:\Users\xawie\AppData\Local\Resmon.ResmonCfg
2021-12-12 18:43 - 2021-12-12 18:43 - 000000003 _____ () C:\Users\xawie\AppData\Local\updater.log
2021-12-12 18:43 - 2021-12-12 18:45 - 000000059 _____ () C:\Users\xawie\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by xawie (13-01-2024 08:40:47)
Running from C:\Users\xawie\Downloads
Microsoft Windows 11 Home Version 23H2 22631.2861 (X64) (2023-02-04 13:18:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-65323361-3339110103-3339747079-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-65323361-3339110103-3339747079-503 - Limited - Disabled)
Guest (S-1-5-21-65323361-3339110103-3339747079-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-65323361-3339110103-3339747079-504 - Limited - Disabled)
xawie (S-1-5-21-65323361-3339110103-3339747079-1001 - Administrator - Enabled) => C:\Users\xawie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.)
Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.88 - Hulubulu Software)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.3.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Anno 1800 (HKLM-x32\...\Uplay Install 4553) (Version:  - Ubisoft)
ArcGIS Pro (HKLM\...\{E3B1CE52-A1E6-4386-95C4-5AB450EF57BD}) (Version: 2.4.19948 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS Pro (HKLM\...\ArcGISPro) (Version: 2.4.19948 - Environmental Systems Research Institute, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\D43FD4059F47ACA9539247D6CF690AAEA503AF2D) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd.  (ssudmdm) Modem  (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Bandicam (HKLM-x32\...\Bandicam) (Version: 7.0.0.2117 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{2AF42320-5ECF-4BCA-B756-8F3677262D55}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CameraRaw (HKLM\...\{7EC5A83F-98E7-47B7-96DA-D2AD9C3908F9}) (Version: 16.0 - Adobe)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.07061 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{11E16B39-0FA6-4DF0-9736-73BB638C9924}) (Version: 4.10.07061 - Cisco Systems, Inc.) Hidden
Classic Sticky Notes (HKLM\...\Classic Sticky Notes_is1) (Version: 2.0 - Winaero)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{76E381CE-5AD1-4A02-9CF4-B407B1BE9BE0}) (Version: 24.0.0.293 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{76E381CE-5AD1-4A02-9CF4-B407B1BE9BE0}) (Version: 24.0.293 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{98CFADA3-527D-4A92-9160-EE463FCE95A5}) (Version: 24.0.293 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{4BAE1A4E-9E7A-4DEB-93DF-F2EB7539C3E2}) (Version: 2.16.673 - Corel corporation) Hidden
CorelDRAW Graphics Suite (HKLM\...\_{1E4B5F2C-0532-4CDA-AFCD-674E9C37521E}) (Version: 24.2.0.444 - Corel Corporation)
CorelDRAW Graphics Suite 2022 - IPM (x64) (HKLM\...\{C3AA2B13-47FD-4A79-8B12-371D41CEBA58}) (Version: 24.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content EN (x64) (HKLM\...\{E4106E1B-D15B-4BC1-94E7-F4D8BB5E4E8F}) (Version: 24.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - Writing Tools (x64) (HKLM\...\{7DCFAD1B-69CB-4394-8EF6-E2ECECDF098C}) (Version: 24.2 -  Corel Corporation) Hidden
Discord (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FileZilla 3.65.0 (HKLM-x32\...\FileZilla Client) (Version: 3.65.0 - Tim Kosse)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Git (HKLM\...\Git_is1) (Version: 2.39.1 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.217 - Google LLC)
IntelliJ IDEA Community Edition 2021.3.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.3.1) (Version: 213.6461.79 - JetBrains s.r.o.)
Java 8 Update 333 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 - Oracle Corporation)
Java SE Development Kit 8 Update 311 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180311}) (Version: 8.0.3110.11 - Oracle Corporation)
Java(TM) SE Development Kit 17.0.9 (64-bit) (HKLM\...\{7CD8D9DB-19F2-57B0-8F04-99DA5B3C62D4}) (Version: 17.0.9.0 - Oracle Corporation)
Key Remapper 1.13 (HKLM-x32\...\Key Remapper_is1) (Version: 1.13.0.480 - ATNSOFT)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
LogMeIn Hamachi (HKLM-x32\...\{B49685C9-32FA-4194-A43F-DAF6BD60F2EC}) (Version: 2.3.0.78 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.78 - LogMeIn, Inc.)
Malwarebytes version 4.5.19.229 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.19.229 - Malwarebytes)
Microsoft .NET Core Host - 3.1.31 (x64) (HKLM\...\{97ECD882-397F-4825-B7FB-1B9DF76B7DD9}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.31 (x64) (HKLM\...\{4CF84AED-891D-4ECD-93FB-94B58A43F454}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.31 (x64) (HKLM\...\{337A821B-2ED5-42BC-8699-238B600CBB73}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17029.20140 - Microsoft Corporation)
Microsoft Access database engine 2016 (English) (HKLM\...\{90160000-00D1-0409-1000-0000000FF1CE}) (Version: 16.0.5044.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.121 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.096.0507.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.31 (x64) (HKLM\...\{F3479C10-2CEA-4C17-8C49-5AD92965254D}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.31 (x64) (HKLM-x32\...\{2c0fd312-a570-439d-8831-42fe66080acc}) (Version: 3.1.31.31813 - Microsoft Corporation)
Neural Filters (HKLM\...\{70F9BD38-D373-4CC8-BF4A-414DE0D0C42F}) (Version: 1.15.0.100 - Adobe)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20140 - Microsoft Corporation) Hidden
OpenVPN 2.5.5-I602 amd64 (HKLM\...\{ECDEB23C-E72D-F54F-081D-D2180DBF1497}) (Version: 2.5.028 - OpenVPN, Inc.)
Plagius - Plagiarism Detector 2.4.24 (HKLM-x32\...\{4ADC8FAB-C60F-4984-9DC4-823F344F8AF3}_is1) (Version: 2.4.24 - GH Software Ltda.)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1401 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 220905 - Kakao Corp.)
Prismarine Web Client (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\4e84a268555c87d844c3630e0fe9c1e2) (Version: 1.0 - Google\Chrome)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 10.4.10.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.7.1209.121307 - Razer Inc.)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.55.661 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{B526C51D-E228-4AA0-BBBB-42EB7A90631E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung C2620 Series (HKLM-x32\...\Samsung C2620 Series) (Version: 1.14 (18.07.2017) - Samsung Electronics Co., Ltd.)
Samsung C2670 Series (HKLM-x32\...\Samsung C2670 Series) (Version: 1.11 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.35 - HP Inc.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.17 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
SimSync Launcher 0.4.3 (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\da313879-5037-5841-a9df-e8fb817718b4) (Version: 0.4.3 - SimSync)
SketchUp Language Pack [cs] (HKLM\...\{ca0041d2-4059-4b49-733d-708944038fd1}) (Version: 22.0.354 - Název společnosti:) Hidden
SketchUp Pro 2022 (HKLM-x32\...\{c631706c-1735-11ec-9621-0242ac130015}) (Version: 22.0.354 - Trimble, Inc.)
SketchUpPro 2022 (HKLM\...\{898ed298-4bc7-f67e-2e5b-6202a980787a}) (Version: 22.0.354.126 - Název společnosti:) Hidden
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1712.1201 - LG Electronics Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.885 - TLauncher Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 139.2.10843 - Ubisoft)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VALORANT (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
Windows Movie Maker 2022 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version:  - VideoWin)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora 12(Build 12.0.9.1382) (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Wondershare Filmora 12_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.7) (HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\Wondershare NativePush_is1) (Version:  - )
X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises)

Packages:
=========
AMD Link -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDLink_10.23.10015.0_x64__0a9344xs7nr4m [2023-07-17] (Advanced Micro Devices Inc.)
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-01-11] (Advanced Micro Devices Inc.) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.900.374.0_x64__8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.2.1091.0_x64__v10z8vjag6ke6 [2024-01-12] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe [2023-12-15] (Microsoft) [Startup Task]
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-14] (Microsoft Corporation)
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.20.5101.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Studios)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
Minecraft: Java Edition -> C:\Program Files\WindowsApps\Microsoft.MinecraftJavaEdition_1.0.5.0_x64__8wekyb3d8bbwe [2023-07-19] (Microsoft Studios)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2022-02-06] (Samsung Electronics Co. Ltd.)
Two Point Campus -> C:\Program Files\WindowsApps\7904SEGAEuropeLtd.TwoPointCampus_10.0.6327.0_x64__zs7esxpzd8d5c [2023-11-21] (SEGA Europe Ltd)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-12] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-14] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-01-12] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-65323361-3339110103-3339747079-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\xawie\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.096.0507.0001\FileSyncShell64.dll [2023-05-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-12] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-09-29] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\xawie\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_ahajeklejcjgaiekhphgnhppakflchcb\Prismarine Web Client.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ahajeklejcjgaiekhphgnhppakflchcb
ShortcutWithArgument: C:\Users\xawie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prismarine Web Client.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=ahajeklejcjgaiekhphgnhppakflchcb

==================== Loaded Modules (Whitelisted) =============

2022-03-08 10:57 - 2022-03-08 10:57 - 000683520 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2022-03-08 10:57 - 2022-03-08 10:57 - 000065024 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2022-08-21 08:31 - 2023-12-12 14:01 - 000634880 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\gameplatformservices.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\desktop.ini:CachedTiles [488]
AlternateDataStreams: C:\ProgramData\goyslgxe.nnn:7297ACA992 [6874]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk:4E42ED6D31 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk:204831D10F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [6874]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-65323361-3339110103-3339747079-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2023-01-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2023-01-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\sharepoint.com -> hxxps://vsb-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-03 19:18 - 2023-02-24 20:13 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files\Git\cmd
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xawie\OneDrive - VSB-TUO\Obrázky\Eclipse.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XMouseButtonControl"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ATNSOFT Key Remapper"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "OpenVPN-GUI"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_EF26055A53941B8600C4FA645E59D117"
HKU\S-1-5-21-65323361-3339110103-3339747079-1001\...\StartupApproved\Run: => "Synapse3"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{15C59290-26A4-46B4-B737-FAEF46A59758}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [TCP Query User{CCE1462E-B62E-4A69-8BCF-AE0AC9086C96}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [UDP Query User{FD84429B-5A9D-49E9-9D55-D42769572029}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{535E633E-B453-47FB-BE37-A5F12599C60A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{E3D7C2E0-1CC0-42CD-AE2C-14B8F43FF7ED}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{19215C68-4D0E-441A-AE57-D43F942CD737}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{F2A3C16E-C614-47AB-ADF5-AE02F3E9F660}C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{DF8ACFB9-5A80-4AC5-9D5B-442ADE9CF40B}C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{DDED74BE-85F5-4777-AAD7-7EAD43A9C090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{5ACBC5A8-F755-41B1-804D-4F6D97F4F657}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{7F1FF4AA-38C1-4A1D-AFDD-F604A2263B35}] => (Allow) C:\Users\xawie\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{9252EFF5-A1BC-497F-A451-B90713639527}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BACACA4-CA40-4EC8-B4B9-83D2E72519E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF5D6F57-B28A-41EA-A34F-254A8D056F2F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{35E34154-713A-4F15-977C-1A8D8919B1DD}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{8BD816B3-513A-402B-A0FD-2496E29DF242}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{3038B347-715D-4554-B3C7-F0E5B5ADCB2A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{F1F82A8D-7888-4EF7-A76A-E7E1E2496D4E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{8BCF12DF-AFAC-4169-B847-B8A981A6E0D7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A141DC3E-4154-4D6A-B6E5-A156ED51897B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{F036865B-E92B-467A-BD2F-2D561D38427F}C:\program files (x86)\steam\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{A759EEDE-F983-40AB-AA33-2CF0F7B877E6}C:\program files (x86)\steam\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{516E3C66-717A-411C-B31D-F705C394C66B}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{2AA62AB7-B956-47D0-9C8C-9F33DA230417}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{12D8DB8A-F874-4F83-986D-5BA2DC3F7EAA}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3E50CAC2-7D04-4D63-BAE4-C8EEEDD291C5}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{E62152EC-ECF6-4EB3-89D1-31A8281A456B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{5E5E280C-AE00-4F7D-8D4F-768DBA064F3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raft\Raft.exe () [File not signed]
FirewallRules: [{13FFFAD2-357B-45ED-B661-41D391D24AE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tap Ninja\Tap Ninja.exe () [File not signed]
FirewallRules: [{81F3DB8C-BAE5-469B-9A56-57DF8292B52B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tap Ninja\Tap Ninja.exe () [File not signed]
FirewallRules: [UDP Query User{0B6538F2-D166-432A-9CF3-C1D7489BBF01}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [TCP Query User{6AD326EA-88ED-401E-9CA6-C2DD4DCC55EA}C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vrising\vrising_server\vrisingserver.exe (Stunlock Studios AB -> )
FirewallRules: [{5745FD42-F3A8-4D01-BEF2-6AAC0D252C57}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{7D276CD6-68AC-4AE6-A79C-A847B33ABF9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\VRising\VRising.exe (Stunlock Studios AB -> )
FirewallRules: [{F300C0D5-22B1-4583-8E35-D545875E9EC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Life\Prison Life.exe () [File not signed]
FirewallRules: [{1EAB821E-3DAD-4749-9AE5-055296BC74DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Life\Prison Life.exe () [File not signed]
FirewallRules: [{E3E00AF9-689C-483A-972C-7B8509A2DD09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Going Medieval\Going Medieval.exe () [File not signed]
FirewallRules: [{2C3E0846-A6A4-45A2-BBDF-ECDA9D48860B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Going Medieval\Going Medieval.exe () [File not signed]
FirewallRules: [UDP Query User{35DF8567-F416-4431-8772-A42830E582DA}C:\program files\jetbrains\intellij idea community edition 2021.3.1\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.3.1\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{140A9549-C0DD-4152-B4ED-A50066054BAC}C:\program files\jetbrains\intellij idea community edition 2021.3.1\bin\idea64.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.3.1\bin\idea64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{A619AC9F-3D7D-468D-8F04-7FBCBC395E1F}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{22125393-B8C6-49E3-A75C-A62A6346AF66}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-beta\windows\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{5CBEDF8D-AF5E-4A35-9015-63C863691425}C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{5EA484AC-EE99-417F-B75D-719ECCA21CCA}C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0FB50FAA-30B6-4053-9BEF-AE0652333054}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [TCP Query User{C4C5DA4C-3149-484D-A44C-86D4C0792A58}C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\astroneer\astro\binaries\win64\astro-win64-shipping.exe (System Era Softworks) [File not signed]
FirewallRules: [{92695108-7F41-4BE7-A261-7F27022CD947}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER\Astro.exe (System Era Softworks) [File not signed]
FirewallRules: [{E3981E15-2100-404E-A7B5-C78032D1729E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ASTRONEER\Astro.exe (System Era Softworks) [File not signed]
FirewallRules: [{54F17759-154A-404D-AC5D-863B4327EC78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{54BDCA50-8542-4255-A1D8-B7BB72304435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{3D3ABE93-D8BF-483C-B624-6683D8E2C375}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{029D3C5F-410C-47FF-B6A8-93D5AC88623F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FFF19E10-C334-41CB-A795-DAEADB2666B1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A89B0D7E-900D-47E9-ABB0-40337F3EF5DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3D0044B-FD8D-4B92-A0F3-90B2D49C697F}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{25A2B40E-8C21-4D63-A385-F60BFD4D12F9}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMR\SmartShareDMR.exe (LG Electronics Inc. -> )
FirewallRules: [{96271259-284C-400B-90CF-A80A7221A3F1}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [{DFE726D1-6277-4C34-82F8-ABD5BCB7D7C9}] => (Allow) C:\Program Files (x86)\LG Software\LG Smart Share\DMS\SmartShareDMS.exe (LG Electronics Inc. -> LG Electronics Inc.)
FirewallRules: [UDP Query User{C6CFC236-7B75-4D2E-AEB5-BDEFD01DF6F4}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{3F4E0049-0BC5-45D7-AEDF-28CC041296EA}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{EDA02964-0101-41FC-A93B-F7B0C959BB74}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{E6882540-A088-487B-B81C-C60C9CE946CF}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{C1A6F89A-0D2E-4AB9-B792-E8CA68D82566}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0BE9DA99-BFD6-4432-B7F6-5CD716B27EE1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6209185B-2341-4CD9-8C49-EF2B4459D764}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B0845135-0A1A-49BA-9027-D128B6F5B021}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EBCA9BDB-6653-415E-AA62-71B0A0AA48BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{0EC47E85-0D85-4B8E-8DC1-4D28D54471AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{10EC9740-B230-427C-80D2-F3DD79A5C8B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [File not signed]
FirewallRules: [{7EA1EDFE-D0B7-4A61-8D79-88C99B2ABDB7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WitchIt\WitchIt\Binaries\Win64\PropWitchHuntModule-Win64-Shipping.exe (G=Barrel Roll Games) [File not signed]
FirewallRules: [TCP Query User{60444018-3D06-4A84-B7C4-643F736117CF}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{706A1374-6AAA-480C-9E52-3F81A1C1B434}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [{0F99E97F-70CA-4779-8495-DAB09A55FE9B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Anno 1800\Bin\Win64\Anno1800.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{C24B5AEC-5F89-4A25-965B-7B055999371E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0922E660-1376-4919-A2CA-93FB33394218}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0BCD1A6-D8D1-4C49-8F85-509AAA09FEC1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{71B393C2-B63B-456A-9075-30103ECC0BD7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50646013-CC5C-4437-8E9B-691617C9C73A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{515F41FD-8B79-4E15-AF7B-C12603C4BEC1}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{14110887-CA1A-4F60-A33F-D5FCAB408657}C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\xawie\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{518CB12F-D3AC-4474-A187-970DF7AE3447}C:\program files\java\jre1.8.0_333\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_333\bin\javaw.exe
FirewallRules: [UDP Query User{F4C0DB62-0CD2-4913-BA08-6CD7A05A201E}C:\program files\java\jre1.8.0_333\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_333\bin\javaw.exe
FirewallRules: [{5F19ED53-9A29-4466-94C0-6D1B99318FE5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38915E7B-F4D1-44A0-ABE9-C9908896CC70}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FEB82CE9-4AF8-4634-9A8F-DB5AA952B44E}C:\games\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\games\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [UDP Query User{D13D25CB-A829-4974-B267-C75EA1316145}C:\games\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\games\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe (Render Cube, Toplitz Productions) [File not signed]
FirewallRules: [{1CDCBDDE-4892-407B-A554-65E66894A36D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E7FC212-74E6-40EE-A938-83289C33B10B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{485BBC75-49CE-4008-A477-B3E4CA4A3A64}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{63DE818A-7714-4E42-8186-F49F078A7B24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A92A72E-2C4F-46D2-9AB1-506F1DFEEBB7}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DB3C146-78AF-47DE-8DD5-B8F0140FA13F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23320.3021.2567.4799_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7A14C3CE-FB2A-48E3-B0CA-85301D0B5096}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.121\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC3BD861-F195-43A6-BEDC-F28B1A9D024E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

02-01-2024 13:59:22 Naplánovaný kontrolní bod
10-01-2024 14:42:15 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/13/2024 07:57:50 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll

Error: (01/13/2024 07:57:50 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa20003, Error: AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2023-03-06T19:00:08.5900000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2023-12-19T06:47:27.0000000Z'. Trace ID: a450c794-b16c-4211-8b23-06d8b6060f00 Correlation ID: 1e05f020-3d95-4310-b1bd-51a46a674e0a Timestamp: 2024-01-13 06:57:35Zmcpmanagementservice.dll

Error: (01/13/2024 07:57:46 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll

Error: (01/13/2024 07:57:46 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa20003, Error: AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2023-03-06T19:00:08.5900000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2023-12-19T06:47:27.0000000Z'. Trace ID: a450c794-b16c-4211-8b23-06d8b6060f00 Correlation ID: 1e05f020-3d95-4310-b1bd-51a46a674e0a Timestamp: 2024-01-13 06:57:35Zmcpmanagementservice.dll

Error: (01/13/2024 07:57:42 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll

Error: (01/13/2024 07:57:42 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa20003, Error: AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2023-03-06T19:00:08.5900000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2023-12-19T06:47:27.0000000Z'. Trace ID: a450c794-b16c-4211-8b23-06d8b6060f00 Correlation ID: 1e05f020-3d95-4310-b1bd-51a46a674e0a Timestamp: 2024-01-13 06:57:35Zmcpmanagementservice.dll

Error: (01/13/2024 07:57:38 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to get auth header with 0x8086000cmcpmanagementservice.dll

Error: (01/13/2024 07:57:38 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: User Interaction Required while trying to get a token silently. ErrorCode: 0xcaa20003, Error: AADSTS50173: The provided grant has expired due to it being revoked, a fresh auth token is needed. The user might have changed or reset their password. The grant was issued on '2023-03-06T19:00:08.5900000Z' and the TokensValidFrom date (before which tokens are not valid) for this user is '2023-12-19T06:47:27.0000000Z'. Trace ID: a450c794-b16c-4211-8b23-06d8b6060f00 Correlation ID: 1e05f020-3d95-4310-b1bd-51a46a674e0a Timestamp: 2024-01-13 06:57:35Zmcpmanagementservice.dll


System errors:
=============
Error: (01/13/2024 08:35:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba CredentialEnrollmentManagerUserSvc_3e789 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (01/13/2024 08:35:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Synapse Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (01/13/2024 08:35:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager Service 3 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/13/2024 08:35:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Central Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/13/2024 08:35:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/13/2024 08:35:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/13/2024 08:35:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Razer Game Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/13/2024 08:35:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Net Service Helper byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2024-01-13 08:31:46
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\Downloads\gbooks_3117670744.exe; file:_E:\Downloads\jdk-13.0.2_windows-x64_bin_3197525509.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2065.0, AS: 1.403.2065.0, NIS: 1.403.2065.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-13 08:31:29
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Malgent!MSR&threatid=2147742994&enterprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: 
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2065.0, AS: 1.403.2065.0, NIS: 1.403.2065.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-13 08:31:29
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Malgent!MSR&threatid=2147742994&enterprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: 
Název procesu: C:\Program Files (x86)\WindowsNetService\node.exe
Verze bezpečnostních informací: AV: 1.403.2065.0, AS: 1.403.2065.0, NIS: 1.403.2065.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-13 07:57:40
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUADlManager:Win32/InstallCore&threatid=311991&enterprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_E:\Downloads\gbooks_3117670744.exe; file:_E:\Downloads\jdk-13.0.2_windows-x64_bin_3197525509.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2035.0, AS: 1.403.2035.0, NIS: 1.403.2035.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2 

Date: 2024-01-13 07:57:20
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Malgent!MSR&threatid=2147742994&enterprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2035.0, AS: 1.403.2035.0, NIS: 1.403.2035.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2 
Event[0]

Date: 2023-11-25 00:01:29
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře. 
Verze bezpečnostních informací: 1.401.1140.0;1.401.1140.0
Verze modulu: 1.1.23100.2009 

Date: 2023-06-25 18:41:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.391.1015.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.  

Date: 2023-04-11 14:55:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.385.1937.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.  

Date: 2023-04-11 14:55:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.385.1937.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.  

Date: 2023-04-11 14:55:54
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.385.1937.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.  

CodeIntegrity:
===============
Date: 2023-12-04 19:42:55
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1405 11/19/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME X570-P
Processor: AMD Ryzen 5 3600X 6-Core Processor 
Percentage of memory in use: 40%
Total physical RAM: 16295.71 MB
Available physical RAM: 9686.5 MB
Total Virtual: 31143.71 MB
Available Virtual: 22961.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:952.53 GB) (Free:110.84 GB) (Model: XPG GAMMIX S11 Pro) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:468.33 GB) (Model: WDC WD1002FAEX-00Y9A0) NTFS
Drive e: (DATA) (Fixed) (Total:1862.89 GB) (Free:78.95 GB) (Model: ST2000LM007-1R8174) NTFS
Drive g: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1555.31 GB) (Model: WD My Passport 2626 USB Device) NTFS

\\?\Volume{32949bee-c318-41cc-832b-b759fab91497}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{07214ae2-c567-47c7-9611-39b3dd9b04b0}\ () (Fixed) (Total:0.71 GB) (Free:0.06 GB) NTFS
\\?\Volume{6805d56e-bd7f-4a4f-9977-5c724f75e684}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1DCF2244)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 58D266E8)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 0459F8B3)

Partition: GPT.

==========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#2 Příspěvek od Rudy »

Zdravím!
Nejprve spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Re: Spomalený internet

#3 Příspěvek od Lorax »

Před FRST jsem již udělal, přikládám log.

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-13-2024
# Duration: 00:00:00
# OS:       Windows 11 (Build 22631.2861)
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [18/01/2022 12:11:17]
AdwCleaner[S01].txt - [1549 octets] - [11/01/2024 18:54:08]
AdwCleaner[S02].txt - [1610 octets] - [13/01/2024 08:35:01]
AdwCleaner[C02].txt - [1780 octets] - [13/01/2024 08:35:51]
AdwCleaner[S03].txt - [1664 octets] - [13/01/2024 12:01:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#4 Příspěvek od Rudy »

To ale musíte říci, jinak se tu budeme zbytečně zdržovat. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {F848ED3F-380D-4303-A7A5-7033761548C6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{96AB8147-73F5-4129-A784-56518144BBC9} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {06DCB861-A372-4362-91D4-C467001994F2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {4ED1FB17-3942-439E-AF43-50CB8FED9536} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {9A995544-C1BB-4338-A371-C1CF9763A4E7} - System32\Tasks\PandaCloseProxyStartUp => C:\Users\xawie\AppData\Roaming\Panda\CloseProxy.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\desktop.ini:CachedTiles [488]
AlternateDataStreams: C:\ProgramData\goyslgxe.nnn:7297ACA992 [6874]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk:4E42ED6D31 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk:204831D10F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [6874]
SearchScopes: HKU\S-1-5-21-65323361-3339110103-3339747079-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [UDP Query User{516E3C66-717A-411C-B31D-F705C394C66B}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{2AA62AB7-B956-47D0-9C8C-9F33DA230417}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [{EDA02964-0101-41FC-A93B-F7B0C959BB74}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{E6882540-A088-487B-B81C-C60C9CE946CF}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe
E:\Downloads\gbooks_3117670744.exe
E:\Downloads\jdk-13.0.2_windows-x64_bin_3197525509.exe

EmptyTemp:
End
Uložte do C:\Users\xawie\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Re: Spomalený internet

#5 Příspěvek od Lorax »

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.01.2024
Ran by xawie (13-01-2024 16:07:34) Run:1
Running from C:\Users\xawie\Downloads
Loaded Profiles: xawie
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {F848ED3F-380D-4303-A7A5-7033761548C6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{96AB8147-73F5-4129-A784-56518144BBC9} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6234.0\updater.exe [4639520 2024-01-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {06DCB861-A372-4362-91D4-C467001994F2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {4ED1FB17-3942-439E-AF43-50CB8FED9536} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {9A995544-C1BB-4338-A371-C1CF9763A4E7} - System32\Tasks\PandaCloseProxyStartUp => C:\Users\xawie\AppData\Roaming\Panda\CloseProxy.exe (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
AlternateDataStreams: C:\desktop.ini:CachedTiles [488]
AlternateDataStreams: C:\ProgramData\goyslgxe.nnn:7297ACA992 [6874]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk:638138415C [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk:4E42ED6D31 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk:5465085A2F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk:204831D10F [6874]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [6874]
SearchScopes: HKU\S-1-5-21-65323361-3339110103-3339747079-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FirewallRules: [UDP Query User{516E3C66-717A-411C-B31D-F705C394C66B}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{2AA62AB7-B956-47D0-9C8C-9F33DA230417}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\xawie\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [{EDA02964-0101-41FC-A93B-F7B0C959BB74}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{E6882540-A088-487B-B81C-C60C9CE946CF}] => (Allow) C:\Users\xawie\AppData\Roaming\uTorrent Web\utweb.exe => No File
C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe
E:\Downloads\gbooks_3117670744.exe
E:\Downloads\jdk-13.0.2_windows-x64_bin_3197525509.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully

"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:

Could not move "C:\WINDOWS\system32\GroupPolicy\Machine" => Scheduled to move on reboot.

C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F848ED3F-380D-4303-A7A5-7033761548C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F848ED3F-380D-4303-A7A5-7033761548C6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{96AB8147-73F5-4129-A784-56518144BBC9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6234.0{96AB8147-73F5-4129-A784-56518144BBC9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06DCB861-A372-4362-91D4-C467001994F2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06DCB861-A372-4362-91D4-C467001994F2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4ED1FB17-3942-439E-AF43-50CB8FED9536}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ED1FB17-3942-439E-AF43-50CB8FED9536}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A995544-C1BB-4338-A371-C1CF9763A4E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A995544-C1BB-4338-A371-C1CF9763A4E7}" => removed successfully
C:\WINDOWS\System32\Tasks\PandaCloseProxyStartUp => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PandaCloseProxyStartUp" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removed successfully
C:\desktop.ini => ":CachedTiles" ADS removed successfully
C:\ProgramData\goyslgxe.nnn => ":7297ACA992" ADS removed successfully
C:\ProgramData\mntemp => ":8EAD8B3507" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk => ":A1B76439FE" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2022.lnk => ":638138415C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini => ":41964AA945" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk => ":B96E9B8455" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk => ":C5D586BE93" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk => ":159ADC9AA1" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk => ":4E42ED6D31" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk => ":60EC9648C0" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk => ":5465085A2F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk => ":1DC1525F34" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk => ":104946E0EA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk => ":204831D10F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk => ":7AD7FA8AB1" ADS removed successfully
"HKU\S-1-5-21-65323361-3339110103-3339747079-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{516E3C66-717A-411C-B31D-F705C394C66B}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2AA62AB7-B956-47D0-9C8C-9F33DA230417}C:\users\xawie\appdata\roaming\utorrent web\utweb.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDA02964-0101-41FC-A93B-F7B0C959BB74}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E6882540-A088-487B-B81C-C60C9CE946CF}" => removed successfully
"C:\Windows\Temp\windowsnetservicehelper_update\ServiceUpdate.exe" => not found
E:\Downloads\gbooks_3117670744.exe => moved successfully
E:\Downloads\jdk-13.0.2_windows-x64_bin_3197525509.exe => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1835008 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 374581986 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 580924656 B
Windows/system/drivers => 12591765 B
Edge => 0 B
Chrome => 892893987 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 176616 B
LocalService => 184120 B
NetworkService => 215602 B
xawie => 250716067 B

RecycleBin => 6437476 B
EmptyTemp: => 2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-01-2024 16:13:00)

C:\WINDOWS\system32\GroupPolicy\Machine => Could not move

==== End of Fixlog 16:13:00 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#6 Příspěvek od Rudy »

Smazáno. Změnilo se něco k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Re: Spomalený internet

#7 Příspěvek od Lorax »

Není to jako dříve, ale poznatelný rozdíl tu je. Děkuji
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#8 Příspěvek od Rudy »

Zkuste ještě spustit čištění prohlížečů:

1. Stahnete Zoek.exe https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Re: Spomalený internet

#9 Příspěvek od Lorax »

Zoek log posílám v příloze z důvodu počtu znaků. Junkware removal tool log jsem omylem zavřel a nemohu ho nikde najít, ani podle cesty, kterou píšete. Každopádně nyní vidím výrazné zrychlení.
Přílohy
zoek-results.zip
(75.58 KiB) Staženo 23 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#10 Příspěvek od Rudy »

Zoek smazal, co mohl. JRT jste zkoušel? Pokud ano, prosím o log. Děkuji
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Lorax
Návštěvník
Návštěvník
Příspěvky: 67
Registrován: 22 úno 2012 18:18

Re: Spomalený internet

#11 Příspěvek od Lorax »

JRT smazal jednu věc, ale omylem jsem log vypnul a už ho nikde nemohu najít, udělal jsem nový a tam už nic nebylo.

Kód: Vybrat vše

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by xawie (Administrator) on 16.01.2024 at 18:48:13,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.01.2024 at 18:49:30,31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118289
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Spomalený internet

#12 Příspěvek od Rudy »

OK. Hlavně, že vyčištění prohlížečů pomohlo.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“