PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Mouse moving on its own and browser opening on its own

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

#1 Post by jasanek »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.03.2024
Ran by Boss (administrator) on KACKA (10-03-2024 18:19:06)
Running from C:\Users\Boss\Desktop\FRST64.exe
Loaded Profiles: Boss
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe <6>
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(conhost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atieclxx.exe
(explorer.exe ->) (3369D7DB-FC10-4DBB-A701-31D053DEF758 -> The NW.js Community) C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc\VFS\AppData\TenBrowser\TenBrowser.exe <8>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Scarlet.Crush Productions) [File not signed] [File is in use] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66220968 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598928 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe [2613704 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.112\Installer\chrmstp.exe [2024-03-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2023-11-16]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4A8F6895-275D-411C-8DE7-F2E4E1F6455B} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0191411E-5E15-4461-AAA1-F78A6AA41DAC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {F47AA8C2-369F-48BF-A8B2-4805FCE6D29E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A418831-81E3-413B-B532-E16F0AEFA1B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2F8FB0D-1AEF-44E1-AC68-4115778E6A4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {864F3A59-9063-4D91-9E83-6B60F4764706} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C27CB30-0792-4BD1-85E9-424ADF68C7D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {96EAC646-4CBC-47B5-9834-43DD7B8BCC3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B90388C9-CF94-4650-892F-08CF0FF408BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BD5AA28-D015-43EC-B115-7E89C43D922A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6DED1D1-3AEB-4FD8-8CF7-6A577A66B9DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB5C9A94-1D11-4198-B84D-717C42035532} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D02BC8F4-4DB1-4744-BB50-8E20F43811A3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {563A8251-AD39-433F-A7C7-AC7C2AA1B402} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {20615B0A-257E-4FB6-9EF1-87BFEBACCBFE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1100223-0CF2-4641-A2AB-7B402662D20F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {914A219D-7963-4543-9885-1F16CF4AF0BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4EC054BD-ADF2-4CA5-A888-591C366F8B6F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {02776A18-1449-41A4-85BD-EA589F8FC419} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2c1f5d8d-c472-4be5-bf65-1aa1ea30054c}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]

FireFox:
========
FF DefaultProfile: 5og8wrwc.default
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\5og8wrwc.default [2023-09-10]
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\wl6337xl.default-release [2024-02-06]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default [2024-03-10]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.filehorse.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-23]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-27]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-16]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-13]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-10]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncHelper.exe [3516848 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\OneDriveUpdaterService.exe [3853744 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 updater; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\amdkmdag.sys [100296072 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2023-11-16] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2023-05-23] (ASUSTeK Computer Inc. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-10 18:19 - 2024-03-10 18:20 - 000021465 _____ C:\Users\Boss\Desktop\FRST.txt
2024-03-10 18:17 - 2024-03-10 18:19 - 000000000 ____D C:\FRST
2024-03-10 18:15 - 2024-03-10 18:15 - 002390016 _____ (Farbar) C:\Users\Boss\Desktop\FRST64.exe
2024-03-10 17:40 - 2024-03-10 17:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-24 22:04 - 2024-02-24 23:37 - 000000000 ____D C:\Users\Boss\Desktop\Chlapec
2024-02-24 16:43 - 2024-02-24 16:53 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\PowerPoint
2024-02-16 21:11 - 2024-02-16 21:11 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 21:10 - 2024-02-16 21:10 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-16 21:01 - 2024-02-16 21:01 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-10 18:16 - 2023-05-23 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-10 18:16 - 2022-09-08 04:11 - 000000000 ____D C:\Windows\SystemTemp
2024-03-10 18:12 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-10 18:08 - 2023-12-28 19:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-10 17:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-10 17:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-10 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-10 17:45 - 2023-05-23 13:02 - 000000000 ____D C:\Users\Boss\AppData\Local\D3DSCache
2024-03-10 17:43 - 2023-10-30 20:23 - 000002398 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-03-10 17:43 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Teams
2024-03-10 17:43 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Local\SquirrelTemp
2024-03-10 17:40 - 2023-12-17 18:06 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-10 17:34 - 2021-05-22 23:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-10 17:31 - 2023-05-23 12:53 - 000000000 ____D C:\Users\Boss\AppData\Local\AMD_Common
2024-03-10 17:28 - 2023-12-18 20:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-10 17:28 - 2023-12-17 17:55 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-10 17:28 - 2023-12-17 17:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-10 17:28 - 2023-05-23 12:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001
2024-03-10 17:28 - 2021-05-22 23:09 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-10 17:28 - 2021-05-22 23:09 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-10 17:27 - 2023-05-23 13:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-10 17:27 - 2023-05-23 13:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-10 17:25 - 2023-06-05 09:11 - 000003096 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-03-10 17:25 - 2023-06-05 09:11 - 000003088 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-02-29 20:52 - 2023-05-23 13:07 - 000000000 ____D C:\Users\Boss\AppData\Local\ClassicShell
2024-02-29 18:09 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Word
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Excel
2024-02-27 16:50 - 2023-09-16 18:09 - 000000000 ____D C:\Users\Boss\AppData\Local\CrashDumps
2024-02-25 22:39 - 2023-05-23 12:49 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-02-25 22:39 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2024-02-25 22:39 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2024-02-25 22:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-02-25 14:12 - 2024-01-13 17:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-25 14:12 - 2023-09-09 13:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-25 14:12 - 2021-05-22 23:09 - 000454096 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-25 14:12 - 2021-05-22 23:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-25 14:12 - 2021-05-22 23:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-02-25 00:31 - 2023-05-23 12:57 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-02-25 00:31 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2024-02-25 00:30 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-24 15:20 - 2023-09-10 12:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-16 21:16 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-02-16 21:10 - 2021-05-22 23:13 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 21:00 - 2023-05-23 13:01 - 000000000 ____D C:\Windows\system32\MRT
2024-02-16 20:58 - 2023-05-23 13:00 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-16 20:23 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-11 16:16 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss\AppData\Local\Packages

==================== Files in the root of some directories ========

2023-11-15 16:58 - 2023-11-15 16:58 - 010571443 _____ () C:\Program Files (x86)\SCP-DS-Driver-Package-1.2.0.160.7z
2023-06-02 10:04 - 2023-06-02 10:04 - 000000001 _____ () C:\Users\Boss\AppData\Local\llftool.4.40.agreement

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Mouse moving on its own and browser opening on its own

#2 Post by jasanek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.03.2024
Ran by Boss (10-03-2024 18:20:59)
Running from C:\Users\Boss\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) (2021-05-22 22:11:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4194677476-3627657768-3988829947-500 - Administrator - Disabled)
Boss (S-1-5-21-4194677476-3627657768-3988829947-1001 - Administrator - Enabled) => C:\Users\Boss
DefaultAccount (S-1-5-21-4194677476-3627657768-3988829947-503 - Limited - Disabled)
Guest (S-1-5-21-4194677476-3627657768-3988829947-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4194677476-3627657768-3988829947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Bandizip (HKLM\...\Bandizip) (Version: 7.30 - Bandisoft.com)
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Geeks3D FurMark 1.34.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.34.0.0 - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.112 - Google LLC)
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft - ElAmigos verze 1.17.1 (HKLM-x32\...\{64E20254-DB52-4EC0-97E4-93B7C7B2DEDA}_is1) (Version: 1.17.1 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0.1 (x64 cs)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.6.1 (x64 cs)) (Version: 115.6.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Restaurace Medvěda Míši (HKLM-x32\...\Restaurace Medvěda Míši) (Version: - )
Roblox Player for Boss (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\roblox-player) (Version: - Roblox Corporation)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp)
The Sims 4 Dream Home Decorator (HKLM-x32\...\The Sims 4 Dream Home Decorator_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\14040518e68da604e0144e2394ec3629) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\5604d365b698317cfe78bd7252ba23a9) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\0f4b2c1235e193c7b4070d2c1e994383) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\734fd7ca719aac2d9dc9726cb395a5f1) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\4d170e5c6f7baaf9d052d1ec2a07f6ab) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\a6cf77c1e8f5d0232d8f60134c0adbdb) (Version: 1.0 - Google\Chrome)

Packages:
=========

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-17] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-06-01] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TenBrowser -> C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc [2023-11-09] (TenBrowser) [Startup Task]
Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2023.516.1956.874_neutral__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Boss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24022.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft International Inc.)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvgbdig.inf_amd64_82eb686a406694a3\nvshext.dll [2023-05-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Boss\Desktop\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
Shortcut: C:\Users\Boss\Desktop\Hry\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
ShortcutWithArgument: C:\Users\Boss\Desktop\Satoru (Satoru Gojo) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxim) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2014-05-02 11:52 - 2014-05-02 11:52 - 000599040 _____ () [File not signed] [File is in use] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 06:55 - 2014-05-02 06:55 - 000185344 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 06:05 - 2014-05-02 06:05 - 000173056 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2015-08-28 20:16 - 2015-08-28 20:16 - 003496448 _____ (akeo.ie) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\libwdi\amd64\libwdi.dll
2024-02-27 16:10 - 2024-02-27 16:10 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Libarius\d1f80afa7d5d94c93b9d7116f180ed4b\Libarius.ni.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2003-03-18 21:23 - 2003-03-18 21:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:40 - 2006-10-26 12:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2024-02-27 16:09 - 2024-02-27 16:09 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\38f78ad8f1b3ce12b81fe03103ae7d69\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Bandizip\
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Boss\Desktop\Jujutsu kaisen\f75750c4cff421ad52938bd684aaa060.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{97E70A10-E636-4EEA-B63D-743FC36EF6C3}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{9C64D3D0-5331-4A55-ADC3-D76A0E3F8CAD}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{DA1CCEC8-71BB-43C7-B906-38302F9D8CD8}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{BE9715FE-DDE2-49C4-8CC5-8FADB9065532}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{40FDD4C0-39DA-4D8B-AD76-6B3B7B673D9C}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{6DB4C53E-09E6-45C4-8ACA-A00BAD58AA25}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [TCP Query User{ED55C08E-BAF8-4C9A-AC82-D2E02037A619}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B22CF530-752D-44B0-9C93-4ABFA2A89F23}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{C5266588-0301-4A43-B32C-741A95B353BA}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{5923D673-8782-4D2D-954E-59CB1827B276}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{48065DF4-DED4-45DF-BD70-B10979DCC075}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{0D2580F1-3460-4326-9E60-10F84F31B3CC}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{0E1E5068-EA78-4262-9A9D-C810FFE39FDC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F101244-CAE5-4A14-86B2-2DA4203DCFF3}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DA7D1C4-D2A6-4C2C-9EC0-4648F781E5EC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6533A1E3-8392-4B34-9AE9-3676A99E3422}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8EDD8B67-799F-4AC5-9A8D-9C0ADDF17C0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B56E729-8644-4D60-A2A3-AA3EF1A31BB8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{75ED434E-A429-444A-B699-A41242B0D5D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8D48C654-5712-4421-8AE4-C5EF95AB264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{217DF551-01F1-47B1-91B3-E837134228DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{65E5CB20-4084-4375-A2A6-A677903929DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
FirewallRules: [{6BF6D402-E33C-44A3-A37F-6330F6BF1533}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C1B382A-FD16-4580-AEE6-63128C040C81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F839EB32-1A45-44F6-94A9-444D5A6BBE2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FAD2A8FA-80E9-4AF4-A55B-4E2C35B0B54A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7426F4BE-7CC6-4E92-9FA3-1814E4304337}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A43448EC-2647-4646-8202-275852D2AE51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F33B70FF-EC9A-4365-932F-DC25470DDA01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{82490FE6-C72D-44E6-BBF9-4011CABF2027}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0434B749-A487-446E-B6E7-692035DFA8FC}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{23A93CA6-723C-47B7-8EB8-BDC623B02694}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{643D7DC9-BEA6-4FF8-9811-619D5B7F438C}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{CF087331-87A5-42A9-9EBD-8564B314139B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1307.2669.7070_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B013272-AC72-4E6F-8748-370CD266FA48}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1307.2669.7070_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2112656-86DF-462B-A0B6-EA43305B0697}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0BB5EF5-8A1C-4ED3-BDB8-CF83A481FB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29885E6F-91D4-4197-94FE-EC0992CCE2B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20F19FF1-C9F2-44AE-8B17-8FFDCC0EC663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C1485C6-CCA5-4758-9B4D-979276BFD97D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6403BB23-B2CA-45CA-A206-C85EAEBA2F59}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDF135AC-A728-4D5F-90EC-CB1AA104CB8B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{198020FD-2AE3-4723-80D7-6309443C9B8E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

10-03-2024 18:07:53 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2024 05:52:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/10/2024 05:52:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HRY (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/10/2024 05:27:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (02/29/2024 06:24:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/29/2024 06:24:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HRY (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/29/2024 06:11:05 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (02/27/2024 04:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Teams.exe, verze: 1.7.0.3653, časové razítko: 0x63f7d881
Název chybujícího modulu: Teams.exe, verze: 1.7.0.3653, časové razítko: 0x63f7d881
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003359742
ID chybujícího procesu: 0x2a04
Čas spuštění chybující aplikace: 0x01da69930eb3f0bd
Cesta k chybující aplikaci: C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta k chybujícímu modulu: C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe
ID zprávy: 29966bfa-24aa-4de4-8fc9-ce6aca319506
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/24/2024 03:13:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/10/2024 05:26:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (03/10/2024 05:24:39 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-12-42-2E-3B-87. Síťové operace v systému mohou
být přerušeny.

Error: (02/29/2024 07:07:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/29/2024 07:07:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (02/27/2024 05:58:32 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-12-42-2E-3B-87. Síťové operace v systému mohou
být přerušeny.

Error: (02/24/2024 03:07:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/16/2024 08:24:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (02/11/2024 02:59:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.


Windows Defender:
================
Date: 2024-03-10 17:55:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D731898D-72A3-419A-89D2-156BD5B26543}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-27 16:09:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0884A038-9968-4C5B-BAA9-051E154F08BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-11 15:07:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CBFC6906-C46B-4DB4-A77F-86D26BC6D95F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-08 15:16:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E566F3F-0468-47AE-BBA2-1E5237BB82B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-07 18:44:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {32750352-7DB1-40FD-AC7B-D7F6B8AA0423}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-02 11:06:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2023-11-19 17:37:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-01 14:38:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-30 18:40:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0502 03/04/2017
Motherboard: ASUSTeK Computer INC. M5A78L-M LE/USB3
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 8174.11 MB
Available physical RAM: 4561.25 MB
Total Virtual: 14062.11 MB
Available Virtual: 5728.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.9 GB) (Free:9.25 GB) (Model: Apacer AS350 256GB ATA Device) NTFS
Drive d: (HRY) (Fixed) (Total:886.45 GB) (Free:685.34 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS
Drive e: (DATA) (Fixed) (Total:976.56 GB) (Free:976.43 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS

\\?\Volume{38d0b591-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{38d0b591-0000-0000-0000-107d3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 38D0B591)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E0FA70F)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#3 Post by jasanek »

Hello,

I would like to ask for advice: my mouse moves on its own, opens folders and the browser, and goes into Chrome's settings or searches for some links. See the attachment.

Thank you for your reply.
Attachments
problem.png (59.58 KiB) Viewed 323 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Spontaneous mouse movement and spontaneous opening of the browser

#4 Post by Rudy »

Greetings!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

You can also run it in safe mode if it does not work any other way.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

Visit: Image

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail given above.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#5 Post by jasanek »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-10-2024
# Duration: 00:00:10
# OS: Windows 10 (Build 19045.4046)
# Scanned: 32104
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1431 octets] - [10/03/2024 20:33:51]
AdwCleaner[C00].txt - [1601 octets] - [10/03/2024 20:34:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Spontaneous mouse movement and spontaneous opening of the browser

#6 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#7 Post by jasanek »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Boss (11-03-2024 18:08:09) Run:1
Running from C:\Users\Boss\Desktop
Loaded Profiles: Boss
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AMDNoiseSuppression" => removed successfully
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{560a23a1-0ce9-11ee-8d96-107b447c800e} => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57D7A0C9-C9C3-415B-94BD-20C722858903}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57D7A0C9-C9C3-415B-94BD-20C722858903}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58A22B38-D1DD-451C-932F-4539AF07AC81}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A22B38-D1DD-451C-932F-4539AF07AC81}" => removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1685954649 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1685954649" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{217A2C3A-2339-4A5C-84E7-76358C50F2FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217A2C3A-2339-4A5C-84E7-76358C50F2FE}" => removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1701959593 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1701959593" => removed successfully
HKLM\System\CurrentControlSet\Services\Ds3Service => removed successfully
Ds3Service => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 102566817 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 60339949 B
Windows/system/drivers => 10953406 B
Edge => 0 B
Chrome => 1132534025 B
Firefox => 491473291 B
Opera => 6740854 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 229875 B
systemprofile32 => 230434 B
LocalService => 356164 B
NetworkService => 458028 B
Boss => 17850376 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:09:42 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Spontaneous mouse movement and spontaneous opening of the browser

#8 Post by Rudy »

Deleted. Has anything changed?

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#9 Post by jasanek »

Hello, the same problem recurred once: while I was writing a presentation for school, a picture in it was deleted on its own and an internet link was inserted in its place.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Spontaneous mouse movement and spontaneous opening of the browser

#10 Post by Rudy »

I don't know what you mean by that. Once? When? Now? What I want to know is whether the spontaneous mouse movement and the browser opening have stopped. That is what we are dealing with here.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#11 Post by jasanek »

Yes, the spontaneous mouse movement, the browser opening and the searching on Google appeared for the first time after applying the fix, and again a moment ago.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Spontaneous mouse movement and spontaneous opening of the browser

#12 Post by Rudy »

OK. Post new FRST+Addition logs.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Spontaneous mouse movement and spontaneous opening of the browser

#13 Post by jasanek »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.03.2024
Ran by Boss (13-03-2024 17:36:43)
Running from C:\Users\Boss\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) (2021-05-22 22:11:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4194677476-3627657768-3988829947-500 - Administrator - Disabled)
Boss (S-1-5-21-4194677476-3627657768-3988829947-1001 - Administrator - Enabled) => C:\Users\Boss
DefaultAccount (S-1-5-21-4194677476-3627657768-3988829947-503 - Limited - Disabled)
Guest (S-1-5-21-4194677476-3627657768-3988829947-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4194677476-3627657768-3988829947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Bandizip (HKLM\...\Bandizip) (Version: 7.30 - Bandisoft.com)
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Geeks3D FurMark 1.34.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.34.0.0 - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.128 - Google LLC)
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft - ElAmigos verze 1.17.1 (HKLM-x32\...\{64E20254-DB52-4EC0-97E4-93B7C7B2DEDA}_is1) (Version: 1.17.1 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0.1 (x64 cs)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.6.1 (x64 cs)) (Version: 115.6.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Restaurace Medvěda Míši (HKLM-x32\...\Restaurace Medvěda Míši) (Version: - )
Roblox Player for Boss (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\roblox-player) (Version: - Roblox Corporation)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp)
The Sims 4 Dream Home Decorator (HKLM-x32\...\The Sims 4 Dream Home Decorator_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\14040518e68da604e0144e2394ec3629) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\5604d365b698317cfe78bd7252ba23a9) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\0f4b2c1235e193c7b4070d2c1e994383) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\734fd7ca719aac2d9dc9726cb395a5f1) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\4d170e5c6f7baaf9d052d1ec2a07f6ab) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\a6cf77c1e8f5d0232d8f60134c0adbdb) (Version: 1.0 - Google\Chrome)

Packages:
=========

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-17] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe [2024-03-12] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-06-01] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TenBrowser -> C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc [2023-11-09] (TenBrowser) [Startup Task]
Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2023.516.1956.874_neutral__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Boss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24022.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft International Inc.)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvgbdig.inf_amd64_82eb686a406694a3\nvshext.dll [2023-05-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Boss\Desktop\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
Shortcut: C:\Users\Boss\Desktop\Hry\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
ShortcutWithArgument: C:\Users\Boss\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\Satoru (Satoru Gojo) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxim) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2024-02-27 16:10 - 2024-02-27 16:10 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Libarius\d1f80afa7d5d94c93b9d7116f180ed4b\Libarius.ni.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2003-03-18 21:23 - 2003-03-18 21:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:40 - 2006-10-26 12:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2023-12-17 18:08 - 2023-12-17 18:08 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-12-17 18:08 - 2023-12-17 18:08 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2024-02-27 16:09 - 2024-02-27 16:09 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\38f78ad8f1b3ce12b81fe03103ae7d69\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\sharepoint.com -> hxxps://zsdolnihbity-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Bandizip\
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Boss\Desktop\Jujutsu kaisen\f75750c4cff421ad52938bd684aaa060.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{97E70A10-E636-4EEA-B63D-743FC36EF6C3}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{9C64D3D0-5331-4A55-ADC3-D76A0E3F8CAD}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{DA1CCEC8-71BB-43C7-B906-38302F9D8CD8}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{BE9715FE-DDE2-49C4-8CC5-8FADB9065532}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{40FDD4C0-39DA-4D8B-AD76-6B3B7B673D9C}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{6DB4C53E-09E6-45C4-8ACA-A00BAD58AA25}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{ED55C08E-BAF8-4C9A-AC82-D2E02037A619}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B22CF530-752D-44B0-9C93-4ABFA2A89F23}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{C5266588-0301-4A43-B32C-741A95B353BA}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{5923D673-8782-4D2D-954E-59CB1827B276}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{48065DF4-DED4-45DF-BD70-B10979DCC075}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{0D2580F1-3460-4326-9E60-10F84F31B3CC}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{0E1E5068-EA78-4262-9A9D-C810FFE39FDC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F101244-CAE5-4A14-86B2-2DA4203DCFF3}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DA7D1C4-D2A6-4C2C-9EC0-4648F781E5EC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6533A1E3-8392-4B34-9AE9-3676A99E3422}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8EDD8B67-799F-4AC5-9A8D-9C0ADDF17C0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B56E729-8644-4D60-A2A3-AA3EF1A31BB8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{75ED434E-A429-444A-B699-A41242B0D5D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8D48C654-5712-4421-8AE4-C5EF95AB264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{217DF551-01F1-47B1-91B3-E837134228DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{65E5CB20-4084-4375-A2A6-A677903929DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{6BF6D402-E33C-44A3-A37F-6330F6BF1533}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C1B382A-FD16-4580-AEE6-63128C040C81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F839EB32-1A45-44F6-94A9-444D5A6BBE2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FAD2A8FA-80E9-4AF4-A55B-4E2C35B0B54A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7426F4BE-7CC6-4E92-9FA3-1814E4304337}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A43448EC-2647-4646-8202-275852D2AE51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F33B70FF-EC9A-4365-932F-DC25470DDA01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{82490FE6-C72D-44E6-BBF9-4011CABF2027}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0434B749-A487-446E-B6E7-692035DFA8FC}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{23A93CA6-723C-47B7-8EB8-BDC623B02694}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{643D7DC9-BEA6-4FF8-9811-619D5B7F438C}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{D2112656-86DF-462B-A0B6-EA43305B0697}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0BB5EF5-8A1C-4ED3-BDB8-CF83A481FB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29885E6F-91D4-4197-94FE-EC0992CCE2B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20F19FF1-C9F2-44AE-8B17-8FFDCC0EC663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{198020FD-2AE3-4723-80D7-6309443C9B8E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{21AE39FC-4E66-4BAB-AA1E-6410A6364B8C}C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe
FirewallRules: [UDP Query User{3E45AA19-187B-4399-A380-F9A16C0E1B6C}C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe
FirewallRules: [{A8C6F5B2-1BBB-4882-AFF1-96382EAE96F1}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{CAF2281A-C86E-4E64-A88A-2FB8DB7CA80F}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{61A91740-8229-436B-A045-7F809FA94A6E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CF7FC2B-CF0C-4E72-AAB3-C0809CD025D1}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C0560BB6-8E26-428A-8EB9-8C91F5E8C2B6}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B3B492CE-C8C5-4EDB-842C-CDC10D59ED62}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{10EFBDF5-1F75-46EC-85E9-A85C476F5030}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/13/2024 05:34:00 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/13/2024 05:12:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KACKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/13/2024 04:21:23 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (03/13/2024 04:19:10 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/12/2024 08:14:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (03/12/2024 08:14:49 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/12/2024 05:42:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (03/12/2024 05:42:00 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KACKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (03/13/2024 05:21:48 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error: (03/13/2024 05:12:51 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:56:42 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:52:00 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:47:48 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2024 08:16:14 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2024 08:14:34 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Description s touto chybou:
Přístup byl odepřen.

Error: (03/12/2024 08:12:27 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2024-03-10 18:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BA477C24-883D-408B-8CF0-AD84E917119E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-10 17:55:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D731898D-72A3-419A-89D2-156BD5B26543}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-27 16:09:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0884A038-9968-4C5B-BAA9-051E154F08BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-11 15:07:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CBFC6906-C46B-4DB4-A77F-86D26BC6D95F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-08 15:16:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E566F3F-0468-47AE-BBA2-1E5237BB82B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-02 11:06:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2024-03-13 17:34:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\360\Total Security\safemon\WscReg.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\360Base.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2024-03-13 16:46:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\safemon\chromesafe64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0502 03/04/2017
Motherboard: ASUSTeK Computer INC. M5A78L-M LE/USB3
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 48%
Total physical RAM: 8174.11 MB
Available physical RAM: 4209.17 MB
Total Virtual: 14062.11 MB
Available Virtual: 5986.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.9 GB) (Free:9.97 GB) (Model: Apacer AS350 256GB ATA Device) NTFS
Drive d: (HRY) (Fixed) (Total:886.45 GB) (Free:685.34 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS
Drive e: (DATA) (Fixed) (Total:976.56 GB) (Free:976.43 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS

\\?\Volume{38d0b591-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{38d0b591-0000-0000-0000-107d3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 38D0B591)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E0FA70F)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Mouse moving on its own and browser opening on its own

#14 Post by jasanek »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.03.2024
Ran by Boss (administrator) on KACKA (13-03-2024 17:34:24)
Running from C:\Users\Boss\Desktop\FRST64.exe
Loaded Profiles: Boss
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atieclxx.exe
(explorer.exe ->) (3369D7DB-FC10-4DBB-A701-31D053DEF758 -> The NW.js Community) C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc\VFS\AppData\TenBrowser\TenBrowser.exe <8>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e] => C:\Users\Boss\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat [642 2024-03-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe [2613704 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.128\Installer\chrmstp.exe [2024-03-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2023-11-16]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A586464B-1C0B-4C6B-B41F-2326CF3589FB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5E34B909-9A52-4865-BDBD-B897AA89CF92} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F47AA8C2-369F-48BF-A8B2-4805FCE6D29E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A418831-81E3-413B-B532-E16F0AEFA1B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2F8FB0D-1AEF-44E1-AC68-4115778E6A4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {864F3A59-9063-4D91-9E83-6B60F4764706} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C27CB30-0792-4BD1-85E9-424ADF68C7D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5C9A94-1D11-4198-B84D-717C42035532} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D02BC8F4-4DB1-4744-BB50-8E20F43811A3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {563A8251-AD39-433F-A7C7-AC7C2AA1B402} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {20615B0A-257E-4FB6-9EF1-87BFEBACCBFE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1100223-0CF2-4641-A2AB-7B402662D20F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {914A219D-7963-4543-9885-1F16CF4AF0BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4EC054BD-ADF2-4CA5-A888-591C366F8B6F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {02776A18-1449-41A4-85BD-EA589F8FC419} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2c1f5d8d-c472-4be5-bf65-1aa1ea30054c}: [DhcpNameServer] 192.168.2.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]

FireFox:
========
FF DefaultProfile: 5og8wrwc.default
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\5og8wrwc.default [2024-03-11]
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\wl6337xl.default-release [2024-03-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default [2024-03-13]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.filehorse.com; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-23]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-11]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-16]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-13]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-13]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncHelper.exe [3516848 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\OneDriveUpdaterService.exe [3853744 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 QHActiveDefense; "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" [X]
S4 QHProtected; "C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [100592 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn)
R3 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [96424 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\amdkmdag.sys [100296072 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2023-11-16] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2023-05-23] (ASUSTeK Computer Inc. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 360Box64; system32\DRIVERS\360Box64.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-13 16:47 - 2024-03-13 16:47 - 000000000 ___HD C:\$WinREAgent
2024-03-12 22:38 - 2024-03-12 22:40 - 000000000 ____D C:\Users\Boss\Desktop\Nová složka (2)
2024-03-12 21:46 - 2024-03-12 21:47 - 000000000 ____D C:\Windows\Tasks\360Disabled
2024-03-12 20:16 - 2024-03-13 17:32 - 000000000 ____D C:\ProgramData\360Quarant
2024-03-12 20:14 - 2024-02-01 06:14 - 000349928 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys.951
2024-03-12 20:14 - 2023-12-21 05:38 - 000553712 _____ (360.cn) C:\Windows\system32\Drivers\360FsFlt.sys.675
2024-03-12 20:14 - 2023-12-21 05:38 - 000100592 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys.000
2024-03-12 20:14 - 2023-03-15 09:02 - 000096424 ____N (360.cn) C:\Windows\system32\Drivers\360netmon.sys
2024-03-12 20:13 - 2024-03-12 20:13 - 000000000 ____D C:\Program Files (x86)\360
2024-03-11 20:54 - 2024-03-11 20:54 - 000259224 _____ C:\Users\Boss\Downloads\aircraft-sales-item.webp
2024-03-11 20:47 - 2024-03-11 20:47 - 000088476 _____ C:\Users\Boss\Downloads\letadlo-cestovani.jpeg
2024-03-11 20:47 - 2024-03-11 20:47 - 000080090 _____ C:\Users\Boss\Downloads\image.webp
2024-03-11 20:47 - 2024-03-11 20:47 - 000070770 _____ C:\Users\Boss\Downloads\letadla.webp
2024-03-11 20:39 - 2024-03-11 20:39 - 000161735 _____ C:\Users\Boss\Downloads\dánsko.jpeg
2024-03-11 20:26 - 2024-03-11 20:26 - 001645116 _____ C:\Users\Boss\Downloads\ee2a8173dc4f6253bebe62bb07c6b10e.jpeg
2024-03-11 20:26 - 2024-03-11 20:26 - 000090756 _____ C:\Users\Boss\Downloads\shutterstock_445892848_1200x.webp
2024-03-11 20:25 - 2024-03-11 20:25 - 000024746 _____ C:\Users\Boss\Downloads\2koru.webp
2024-03-11 20:14 - 2024-03-11 20:14 - 000462712 _____ C:\Users\Boss\Downloads\newFile.avif
2024-03-11 20:11 - 2024-03-11 20:11 - 000075324 _____ C:\Users\Boss\Downloads\Image-1-Amtraks-Airo-Passenger-Train-1.webp
2024-03-11 20:11 - 2024-03-11 20:11 - 000040861 _____ C:\Users\Boss\Downloads\high-speed-train-motion-railway-station-sunset-generative-ai_527096-24567.avif
2024-03-11 19:51 - 2024-03-11 21:20 - 011960210 _____ C:\Users\Boss\Desktop\Traveling.pptx
2024-03-11 18:49 - 2024-03-11 18:49 - 000138929 _____ C:\Users\Boss\Downloads\1967-Chevrolet-Impala-Supernatural-Cropped.avif
2024-03-11 18:49 - 2024-03-11 18:49 - 000079354 _____ C:\Users\Boss\Downloads\Supernatural-Jensen-Ackles-Dean-Winchester-with-Impala.avif
2024-03-11 18:49 - 2024-03-11 18:49 - 000059364 _____ C:\Users\Boss\Downloads\Supernatural.webp
2024-03-11 18:48 - 2024-03-11 18:48 - 000087098 _____ C:\Users\Boss\Downloads\wp2353934.webp
2024-03-11 18:11 - 2024-03-11 18:11 - 000000008 _____ C:\ProgramData\ntuser.pol
2024-03-11 18:08 - 2024-03-13 17:32 - 000000000 ____D C:\Users\Boss\Desktop\FRST-OlderVersion
2024-03-11 18:08 - 2024-03-11 18:09 - 000007324 _____ C:\Users\Boss\Desktop\Fixlog.txt
2024-03-10 20:33 - 2024-03-10 20:34 - 000000000 ____D C:\AdwCleaner
2024-03-10 20:32 - 2024-03-10 20:32 - 008790880 _____ (Malwarebytes) C:\Users\Boss\Desktop\adwcleaner.exe
2024-03-10 18:20 - 2024-03-10 18:22 - 000049729 _____ C:\Users\Boss\Desktop\Addition.txt
2024-03-10 18:19 - 2024-03-13 17:35 - 000018069 _____ C:\Users\Boss\Desktop\FRST.txt
2024-03-10 18:17 - 2024-03-13 17:34 - 000000000 ____D C:\FRST
2024-03-10 18:15 - 2024-03-13 17:32 - 002390528 _____ (Farbar) C:\Users\Boss\Desktop\FRST64.exe
2024-03-10 17:40 - 2024-03-10 17:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-24 22:04 - 2024-02-24 23:37 - 000000000 ____D C:\Users\Boss\Desktop\Chlapec
2024-02-24 16:43 - 2024-03-11 21:20 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\PowerPoint
2024-02-16 21:11 - 2024-02-16 21:11 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 21:10 - 2024-02-16 21:10 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-13 17:34 - 2023-09-09 13:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-13 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-13 17:33 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 17:31 - 2023-05-23 13:07 - 000000000 ____D C:\Users\Boss\AppData\Local\ClassicShell
2024-03-13 17:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:20 - 2023-12-28 19:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-13 17:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-13 16:56 - 2023-06-02 12:58 - 000000000 ____D C:\Users\Boss\AppData\Roaming\.minecraft
2024-03-13 16:52 - 2023-06-02 13:00 - 000000000 ____D C:\Users\Boss\AppData\Roaming\.tlauncher
2024-03-13 16:50 - 2023-05-23 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-13 16:50 - 2022-09-08 04:11 - 000000000 ____D C:\Windows\SystemTemp
2024-03-13 16:49 - 2023-05-23 13:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 16:49 - 2023-05-23 13:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-13 16:32 - 2023-05-23 13:01 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 16:29 - 2023-05-23 13:00 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-13 16:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-13 16:18 - 2023-06-05 09:11 - 000003096 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-03-13 16:18 - 2023-06-05 09:11 - 000003088 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-03-12 23:07 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-12 22:40 - 2023-06-11 16:08 - 000000000 ____D C:\Users\Boss\Desktop\obrásky
2024-03-12 22:39 - 2023-05-24 14:43 - 000000000 ____D C:\Users\Boss\AppData\Roaming\vlc
2024-03-12 22:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-12 22:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-12 20:14 - 2023-05-23 13:02 - 000000000 ____D C:\Users\Boss\AppData\Local\D3DSCache
2024-03-12 18:35 - 2023-10-28 13:19 - 000000000 ____D C:\Users\Boss\Desktop\Mafia fail
2024-03-11 21:25 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss
2024-03-11 21:24 - 2021-05-22 23:12 - 000002444 _____ C:\Users\Boss\Desktop\Microsoft Edge.lnk
2024-03-11 21:22 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss\AppData\Local\ConnectedDevicesPlatform
2024-03-11 21:21 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Teams
2024-03-11 21:21 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Local\SquirrelTemp
2024-03-11 19:51 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Office
2024-03-11 19:17 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\UProof
2024-03-11 18:26 - 2023-10-30 20:23 - 000002398 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-03-11 18:15 - 2023-10-06 13:42 - 000000000 ____D C:\Program Files\RUXIM
2024-03-11 18:15 - 2023-05-23 12:49 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-11 18:15 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2024-03-11 18:15 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2024-03-11 18:11 - 2023-12-18 20:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-11 18:11 - 2021-05-22 23:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-11 18:11 - 2021-05-22 23:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-11 18:10 - 2023-05-23 12:57 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-03-11 18:10 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2024-03-11 18:09 - 2023-06-20 12:15 - 000000000 ____D C:\Users\Boss\AppData\LocalLow\Temp
2024-03-11 18:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-03-10 17:40 - 2023-12-17 18:06 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-10 17:34 - 2021-05-22 23:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-10 17:31 - 2023-05-23 12:53 - 000000000 ____D C:\Users\Boss\AppData\Local\AMD_Common
2024-03-10 17:28 - 2023-12-17 17:55 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-10 17:28 - 2023-12-17 17:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-10 17:28 - 2023-05-23 12:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001
2024-03-10 17:28 - 2021-05-22 23:09 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-10 17:28 - 2021-05-22 23:09 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-29 18:09 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Word
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Excel
2024-02-27 16:50 - 2023-09-16 18:09 - 000000000 ____D C:\Users\Boss\AppData\Local\CrashDumps
2024-02-25 14:12 - 2024-01-13 17:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-25 14:12 - 2023-09-09 13:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-25 14:12 - 2021-05-22 23:09 - 000454096 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-25 00:30 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-24 15:20 - 2023-09-10 12:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-16 21:10 - 2021-05-22 23:13 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 20:23 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== Files in the root of some directories ========

2023-11-15 16:58 - 2023-11-15 16:58 - 010571443 _____ () C:\Program Files (x86)\SCP-DS-Driver-Package-1.2.0.160.7z
2023-06-02 10:04 - 2023-06-02 10:04 - 000000001 _____ () C:\Users\Boss\AppData\Local\llftool.4.40.agreement

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Mouse moving on its own and browser opening on its own

#15 Post by Rudy »

Try deleting this file: C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
