Youtube vyžaduje captcha

[pepezdepa]

Dobrý den,

v posledních týdnech jsem zaznamenal problémy s Youtube, které jsem do té doby neměl. Hlavně na stránkách s odkazem na Youtube video se mi často ukazuje tento nápis:

"Naše systémy zjistily, že vaše počítačová síť je zdrojem neobvyklého provozu. Účelem této stránky je zkontrolovat, zda požadavky odesíláte skutečně vy, a ne robot."

Není to setrvalý stav. Některé dny se problém neobjeví vůbec, jindy přetrvává i půl dne, obvykle hlavně ve večerních hodinách. Nutno dodat, že přímo na stránkách Youtube mi jedou videa bez potíží, i když i zde se objevil jednou či dvakrát tento problém. Také se mi už dvakrát na mé telce s Androidem stalo, že jsem se nemohl do Youtube připojit a nepomohlo ani vypnutí, ani restart. Projel jsem tedy počítače antivirákem Norton 360, ale žádné breberky mi to nenašlo.

Tento problém se objevuje na obou mých PC i mobilu napojeném na Wi-Fi bez rozdílu na použitý browser. Pokud zapnu VPN, potíže zmizí. Prosím o radu, jak postupovat dál. Děkuji.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Tomík (12-03-2024 08:49:27)
Running from C:\Users\Tomík\OneDrive\Plocha
Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) (2023-09-14 13:55:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-164412472-2611241565-492249232-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-164412472-2611241565-492249232-503 - Limited - Disabled)
Guest (S-1-5-21-164412472-2611241565-492249232-501 - Limited - Disabled)
Tomík (S-1-5-21-164412472-2611241565-492249232-1001 - Administrator - Enabled) => C:\Users\Tomík
WDAGUtilityAccount (S-1-5-21-164412472-2611241565-492249232-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
AC: Valhalla CZ v2.0 (HKLM-x32\...\AC: Valhalla CZ) (Version: 2.0 - Squiee)
AIDA64 Extreme v6.90 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.90 - FinalWire Ltd.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PPM Provisioning File Driver (HKLM-x32\...\{3665A5DE-D07C-46D7-9207-713E8E9FEF32}) (Version: 8.0.0.18 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\{02247819-03CD-414E-AC8D-FD518BFBA445}) (Version: 2.11.2.2659 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master (HKLM\...\AMD Ryzen Master) (Version: 2.11.2.2659 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
Aplikace NVIDIA 10.0.0.499 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 10.0.0.499 - NVIDIA Corporation)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Assassin's Creed Valhalla (HKLM-x32\...\Uplay Install 13504) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 122.1.63.169 - Autoři prohlížeče Brave)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{7093f2e2-41d5-47f1-a1ea-781ab3ff33ec}) (Version: 11.0.3.4 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{DBA3C538-7D37-4A8B-92F0-8D1620A59360}) (Version: 11.0.3.4 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{6CEC6409-A328-44E2-A6CA-69A60699740E}) (Version: 1.0.14.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{D9164C2E-91BA-4D5D-B49A-604BB0A127FE}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{45E4523F-2842-410D-90C6-6D19974B8E57}) (Version: 1.0.28.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
CPUID CPU-Z 2.07 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.07 - CPUID, Inc.)
Crucial Storage Executive (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Crucial Storage Executive 9.09.092023.03) (Version: 9.09.092023.03 - Crucial)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
Diablo II + Lord of Destruction (CZ Dabing + Texty) (HKLM-x32\...\FPD_D2+LOD_is1) (Version: 1.0 - Fénix ProDabing)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.140.0.5653 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{a7151cd1-211b-4578-8af5-f4c6016a3e54}) (Version: 13.140.0.5653 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
Fallout 4 - Čeština (HKLM-x32\...\{42505231-68D1-4F96-92B8-20248DE22F10}) (Version: 1.0.3 - prekladyher.eu)
Fallout 76 - čeština (HKLM-x32\...\{9F153C9C-19DB-4906-B2E3-DAB3B69B3215}_is1) (Version: 2024-01-30 - Naprogramuji.eu)
Geeks3D FurMark 1.36.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.36.0.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.73.27 - GOG.com)
Google Chrome (HKLM\...\{37A0D46D-9BFE-352E-8B00-9ED6C296E9A5}) (Version: 122.0.6261.112 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{A92EB32D-F0D1-45D8-A071-262D1229D400}) (Version: 2.0.33.1 - Brother Industries Ltd.)
HWiNFO64 Version 7.64 (HKLM\...\HWiNFO64_is1) (Version: 7.64 - Martin Malik, REALiX s.r.o.)
Icecream Ebook Reader 6 verze 6.42 (HKLM-x32\...\{67C22DDD-238A-4587-AC0E-2802AE70CB42}_is1) (Version: 6.42 - Icecream Apps)
ICQ (verze 23.2.0.48119) (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\icq.desktop) (Version: 23.2.0.48119 - Mail.ru LLC)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.3.6 - PandoraTV)
Kodi (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Kodi) (Version: 20.2.0.0 - XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LOOT verze 0.22.3 (HKLM\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.22.3 - LOOT Team)
Microsoft .NET 6.0 Templates 6.0.418 (x64) (HKLM\...\{21A0BE16-B3C9-49AD-8248-D1483F46E318}) (Version: 24.7.34549 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.26 (x64) (HKLM\...\{3B7BBBE3-9BDC-4F17-AFD9-0175520FD76E}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.26 (x64_arm) (HKLM\...\{5A480FE9-389E-43B5-8760-74A21CFE7BFB}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.26 (x64_arm64) (HKLM\...\{17F5F7DB-6429-4DAB-B427-E964853AF4B0}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.26 (x64_x86) (HKLM\...\{381A6531-6B67-4F82-881C-02A5A6DB0A64}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Core Host - 3.1.32 (x86) (HKLM-x32\...\{3C73457A-1A33-4DE0-B6C2-6FBA877E1FCF}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x86) (HKLM-x32\...\{CE1A992F-4571-423D-9CAE-1184E8F29471}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x86) (HKLM-x32\...\{841FE4B1-2C3F-4304-A686-6DF41B4CC1A1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.14 (x64) (HKLM\...\{9C80B2AB-2F2D-45B3-A287-DDA827E3A561}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.14 (x64) (HKLM\...\{D8110067-D041-4061-84F4-DAB281E54EAC}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.14 (x64) (HKLM\...\{9C583D0D-D10B-4E33-A3A8-CD07B6DB9E2D}) (Version: 56.56.4026 - Microsoft Corporation) Hidden
Microsoft .NET SDK 6.0.418 (x64) (HKLM-x32\...\{4912adcb-6fee-4197-8fcd-aafcdce2acd3}) (Version: 6.4.1823.60533 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.26 (x64) (HKLM\...\{0973B714-6575-497F-97E2-6B1D24D7086E}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.418 (x64) (HKLM\...\{5D07A29E-64DA-4A44-9586-219CCFEFA8E0}) (Version: 24.7.34549 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 3.1.32 - Shared Framework (x86) (HKLM-x32\...\{b52191c1-a9c0-4b34-9a4e-930c2dd8a540}) (Version: 3.1.32.22566 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.32 Shared Framework (x86) (HKLM-x32\...\{C2C8E71E-42CF-3CFE-8CFB-F8F96670C190}) (Version: 3.1.32.22566 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.26 - Shared Framework (x64) (HKLM-x32\...\{fc672bf5-721d-4dd3-98e9-c9ffcf762507}) (Version: 6.0.26.23605 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.26 - Shared Framework (x86) (HKLM-x32\...\{d1e22c7c-6a8f-4b35-9be8-80044cb3a07a}) (Version: 6.0.26.23605 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.26 Shared Framework (x64) (HKLM\...\{ED755FBF-3CAE-3206-A32D-16E67F7CC9A3}) (Version: 6.0.26.23605 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.26 Shared Framework (x86) (HKLM-x32\...\{72808BB7-C9C4-3F36-A477-61BE5AAB1807}) (Version: 6.0.26.23605 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.26 Targeting Pack (x64) (HKLM\...\{764E0466-4783-3C09-9218-D220E568EF0E}) (Version: 6.0.26.23605 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.15 - Shared Framework (x64) (HKLM-x32\...\{c0cf774f-6ded-4667-8bb8-a3b3ea6972fd}) (Version: 7.0.15.23601 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.15 - Shared Framework (x86) (HKLM-x32\...\{d0563f99-4c02-40c5-bc45-6016586d59f3}) (Version: 7.0.15.23601 - Microsoft Corporation)
Microsoft ASP.NET Core 7.0.15 Shared Framework (x64) (HKLM\...\{AC104996-78D2-334C-830D-63B5B1BF994A}) (Version: 7.0.15.23601 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.15 Shared Framework (x86) (HKLM-x32\...\{ED9A8889-1C43-369A-8FEC-606818093273}) (Version: 7.0.15.23601 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x86) (HKLM-x32\...\{25D5B94A-E3CD-44E8-9C3A-FE320B7B38FC}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x86) (HKLM-x32\...\{4f894285-fd43-43ac-8669-33e8b7c0a97d}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.14 (x64) (HKLM\...\{33ED69D3-7E88-4885-9875-6C0711368017}) (Version: 56.56.4039 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.14 (x64) (HKLM-x32\...\{7f2c8be3-7757-4594-aead-09a5112e7725}) (Version: 7.0.14.33020 - Microsoft Corporation)
Microsoft Windows Desktop Targeting Pack - 6.0.26 (x64) (HKLM\...\{4E61286A-B95A-4FCC-85AA-D4C7A9AEB5EF}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{F4E591C2-810D-4D36-B4F9-DC55103019D1}) (Version: 128.75.16384 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{BBA9C60D-75E7-44EE-922D-069AA85C8EC1}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{FEB76EC8-02F4-46E6-8031-BE403766D13A}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{F590F859-2F6A-4559-9D09-A8FC442AF16B}) (Version: 100.255.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{C2863251-07E7-44A0-B2F8-4C4E2AF08937}) (Version: 24.78.0 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{69B1631F-5F98-4C6C-B757-46B0ECC8EDBB}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (x64) (HKLM\...\{901396D0-D47F-4FCE-B247-8C45C97527EA}) (Version: 48.104.6994 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{DBB48387-294D-4179-81CB-B06A97F8CD8E}) (Version: 48.3.40665 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Norton 360 (HKLM-x32\...\NGC) (Version: 22.24.1.6 - NortonLifeLock Inc)
Norton Private Browser (HKLM-x32\...\Norton Private Browser) (Version: 122.0.24263.96 - Autoři prohlížeče Norton Private Browser)
Norton Update Helper (HKLM-x32\...\{469D3039-E8BB-40CB-9989-158443EEA4EB}) (Version: 1.8.1649.5 - Norton LifeLock) Hidden
NVIDIA FrameView SDK 1.4.9615.33661400 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.9615.33661400 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.76 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
PowerToys (Preview) (HKLM\...\{9F91B32D-DA23-4A11-9009-A77801495BB5}) (Version: 0.79.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\{7daba033-e540-4d47-aa5c-fd6a1f245d2d}) (Version: 0.79.0 - Microsoft Corporation)
Prismatik (unofficial) 64bit (remove only) (HKLM-x32\...\{ABD88CE7-1FFA-416C-96CA-CCC6F2B34236}_is1) (Version: 5.11.2.31 - Patrick Siegler)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.5 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.64.316.2023 - Realtek)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2353 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.18 - Rockstar Games)
REDlauncher (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED)
Return to Monkey Island (HKLM-x32\...\1436760537_is1) (Version: 1.5 (550721) - GOG.com)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.83.1767 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.6.9 - Rockstar Games)
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
STAR WARS Jedi - Fallen Order™ (HKLM-x32\...\{D00A89F1-2D8C-4589-B1D1-73A6544E3B1F}) (Version: 1.0.10.0 - Electronic Arts, Inc.)
StatusMonitor (HKLM-x32\...\{9CE041EA-9991-4A5E-BA7E-D568D47C6735}) (Version: 1.37.1.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.55.0 - TechPowerUp)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 11.03 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 38.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.12 - Black Tree Gaming Ltd.)
Wasteland 3 (HKLM-x32\...\2057748185_is1) (Version: J224-1.6.9.420.309496 - GOG.com)
Wasteland 3 Colorado Survival Gear DLC (HKLM-x32\...\1540875525_is1) (Version: J224-1.6.9.420.309496 - GOG.com)
Wasteland 3: Cult of the Holy Detonation (HKLM-x32\...\1770944488_is1) (Version: J224-1.6.9.420.309496 - GOG.com)
Wasteland 3: The Battle of Steeltown (HKLM-x32\...\2003177495_is1) (Version: J224-1.6.9.420.309496 - GOG.com)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\2f55cd8fe639ea837c8afa14ee207710) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\d6dea9102ec8b846b05b411c8dfa7cfb) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\792209dd23c923b718430e98c7ab1215) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\5b33da3b56930b7a7292a5738de34fd7) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\7e8f9646e10dc7de847715872be12244) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\69b912e11ed5aacfc2f8b9d9db7c29e2) (Version: 1.0 - Google\Chrome)

Packages:
=========

NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-06] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.41.290.0_x64__dt26b99r8h8gj [2023-09-16] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-12] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0 [2024-03-02] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2409.8.0_x64__cv1g1gvanyjgm [2024-03-07] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{0440049F-D1DC-4E46-B27B-98393D79486B}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{33570349-bcd1-d94f-26a0-3c5b865d24ac}\localserver32 -> C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Boom3D.exe (Global Delight Technologies Private Limited -> )
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{36c235a3-d5cf-1110-703f-50acb864cf61}\localserver32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{51B4D7E5-7568-4234-B4BB-47FB3C016A69}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.ImageResizerExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{84D68575-E186-46AD-B0CB-BAEB45EE29C0}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{DD5CACDA-7C2E-4997-A62A-04A597B58F76}\localserver32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-164412472-2611241565-492249232-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Users\Tomík\AppData\Local\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.1.6\NavShExt.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.1.6\NavShExt.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_618b150331c5f4ad\nvshext.dll [2024-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.1.6\buShell.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.1.6\NavShExt.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2_S-1-5-21-164412472-2611241565-492249232-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-164412472-2611241565-492249232-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2024-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-164412472-2611241565-492249232-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_S-1-5-21-164412472-2611241565-492249232-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\Tomík\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2024-03-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2023-12-29 21:18 - 2023-12-29 21:18 - 000071168 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Audio.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000158208 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Foundation.Api.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000091136 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Foundation.Core.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000082432 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Loc.dll
2016-11-25 09:18 - 2016-11-25 09:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2023-07-20 11:21 - 2023-07-20 11:21 - 000543744 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2023-05-24 09:04 - 2023-05-24 09:04 - 001874944 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2023-02-22 09:09 - 2023-02-22 09:09 - 000147456 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\zlibwapi.dll
2022-12-01 14:53 - 2022-12-01 14:53 - 000020480 _____ () [File not signed] C:\Program Files (x86)\Browny02\OfferingService.dll
2017-04-05 08:53 - 2019-07-26 07:53 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-01-27 14:39 - 2017-08-18 10:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2017-01-27 14:33 - 2018-04-27 08:16 - 000090112 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2017-04-05 08:53 - 2019-07-26 07:54 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000059392 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2023-04-02 23:49 - 2023-04-02 23:49 - 000699904 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2023-04-02 23:48 - 2023-04-02 23:48 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2023-03-14 16:57 - 2023-03-14 16:57 - 000058368 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2023-03-14 16:57 - 2023-03-14 16:57 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2023-03-14 16:57 - 2023-03-14 16:57 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 001570816 _____ () [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\e_sqlite3.DLL
2023-12-29 21:18 - 2023-12-29 21:18 - 000108544 _____ () [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SteamHelper.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 196495872 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000473088 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2024-02-28 08:54 - 2024-02-28 08:54 - 007472640 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 004950528 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000036352 _____ (Aqi Tech Tips) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\ATT.HtmlTextBlock.dll
2016-04-12 09:07 - 2016-04-12 09:07 - 000067584 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\AppLogLib\BrBFLogI.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000159232 _____ (Countly) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Countly.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000418816 _____ (Global Delight Technologies Pvt. Ltd.) [File not signed] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\BoomEngine.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000006656 _____ (Global Delight) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\GlobalDelight.Common.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000011264 _____ (Global Delight) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\GlobalDelight.Logger.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000225280 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\CommandLine.dll
2024-01-29 14:16 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000101376 _____ (Krueger Systems, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SQLite-net.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000179200 _____ (Mark Heath) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\NAudio.Wasapi.dll
2023-09-14 18:46 - 2023-09-14 18:46 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-09-14 18:46 - 2023-09-14 18:46 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000138752 _____ (Ninject Project Contributors) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Ninject.dll
2024-02-23 07:12 - 2024-02-23 07:12 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-02-23 07:12 - 2024-02-23 07:12 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000128000 _____ (Serilog Contributors) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Serilog.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000031232 _____ (Serilog Contributors) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Serilog.Sinks.File.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000006144 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SQLitePCLRaw.batteries_v2.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000046592 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SQLitePCLRaw.core.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000005632 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SQLitePCLRaw.nativelibrary.dll
2023-12-29 21:18 - 2023-12-29 21:18 - 000057344 _____ (SourceGear) [File not signed] [File is in use] C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\SQLitePCLRaw.provider.dynamic_cdecl.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 001416192 _____ (The Chromium Authors) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll
2023-09-15 09:50 - 2022-01-08 12:17 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Prismatik\libcrypto-1_1-x64.dll
2023-09-15 09:50 - 2022-01-08 12:17 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Prismatik\libssl-1_1-x64.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2024-02-28 08:54 - 2024-02-28 08:54 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll
2023-09-15 09:50 - 2022-01-08 12:17 - 000257536 _____ (Un4seen Developments) [File not signed] C:\Program Files\Prismatik\bass.dll
2023-09-15 09:50 - 2022-01-08 12:17 - 000027136 _____ (Un4seen Developments) [File not signed] C:\Program Files\Prismatik\BASSWASAPI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.24.1.6\coIEPlg.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.24.1.6\coIEPlg.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.24.1.6\coIEPlg.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.24.1.6\coIEPlg.dll [2024-02-03] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-164412472-2611241565-492249232-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A876E61-3810-4CE3-A614-75DA596E641E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3571E9E1-646F-4EBE-BE09-67DE3D256071}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0BA13BF4-F721-4BD4-8BCD-CCAE5786CE7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B6DB5255-A5D7-43DB-B48F-3980CFCA1594}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{521C9A87-02C9-456E-BFBF-598D0E0222DA}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{C7934D5B-5574-4447-8525-BBA81EF9EB78}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{FDA7052E-3D6E-4265-86BE-3023E129A9E6}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{3DBBDCFE-755A-4951-AE98-BCF1A9C366C0}] => (Allow) F:\SteamLibrary\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{006622D2-95E0-48CF-B2BF-027210682B41}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74F4AF3C-C20D-45B3-8120-DCB295E43C5D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C40BA7E7-68E2-42D3-96EF-746E6EB16EB4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1AE041D-C798-4742-9D26-40ED70A8BF21}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CECC074-7111-4509-83EB-A654705C7D49}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E3FF1FD-6C87-4A92-9E30-ACD4DF1CDC15}] => (Allow) F:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{F9F7F075-529B-43B9-8717-F78A2A20A194}] => (Allow) F:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{0076CAD8-0471-4105-9F4F-98C0F15F1D31}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{993A3A08-A85C-4300-983E-E9AAD7FCA46D}] => (Allow) F:\SteamLibrary\steamapps\common\The Witcher 3\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{DEFD5EC5-E198-40F6-A16E-19505ED79607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [{C44C6D32-1AE7-4D06-A2FA-B779608B204A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [{F10893D0-C1BF-4B63-91DB-9D4E37084C09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{BB780F66-1EF4-44DC-99E8-606324F1E8BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [TCP Query User{E2B1492B-0086-4207-82F1-5B808D5CD7C4}C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [UDP Query User{AD1DB39A-9869-4597-A0D2-D4B7171BEA42}C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\total war warhammer iii\warhammer3.exe (The Creative Assembly Ltd -> The Creative Assembly Ltd)
FirewallRules: [TCP Query User{ABA38F8D-587E-4B3E-AC99-E6F57E185272}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{C9394611-552B-488C-B4D5-E611B28271C1}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [{2BF55A4F-8674-46E3-95F5-5ED58A142E7D}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{3948D5F1-4B4C-451D-91F4-A71008B0D6EF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{502C3D62-AA73-4C7F-817D-3C2D2629E5BD}] => (Allow) F:\SteamLibrary\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{96E07636-4926-497E-92D5-00E67BFB3A98}] => (Allow) F:\SteamLibrary\steamapps\common\Assassins Creed Odyssey\ACOdyssey.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{CDFDA1F1-6E08-453A-B392-620DDAAB34DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Boom3D.exe (Global Delight Technologies Private Limited -> )
FirewallRules: [{D14EDB68-4B02-40B6-BCCD-89FBC5DFBA6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Boom 3D\Boom3D.exe (Global Delight Technologies Private Limited -> )
FirewallRules: [{41E3E41E-7F2A-4B3B-B91F-7C2B25B4E440}] => (Allow) F:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{1718A530-8A70-4B2F-841C-B01A13792B80}] => (Allow) F:\Jedi Fallen Order\SwGame\Binaries\Win64\starwarsjedifallenorder.exe (Respawn Entertainment) [File not signed]
FirewallRules: [{C701F013-4A7D-43C4-93C6-C7647E52BBAE}] => (Allow) F:\SteamLibrary\steamapps\common\DEATHLOOP\Deathloop.exe (Arkane Studios) [File not signed]
FirewallRules: [{85C20C2F-72D5-4B46-8D6F-0F327BDAE18C}] => (Allow) F:\SteamLibrary\steamapps\common\DEATHLOOP\Deathloop.exe (Arkane Studios) [File not signed]
FirewallRules: [{6C13E54A-74AF-443E-B4CD-712995506A0A}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{1CC3380D-9E69-499F-BED5-7219A4CBCFAF}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{B18238D6-EFD5-4E1C-925B-7951D830FA39}] => (Allow) F:\SteamLibrary\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe (Flying Wild Hog) [File not signed]
FirewallRules: [{803AC193-BAB1-414B-BAD0-DD63064A2064}] => (Allow) F:\SteamLibrary\steamapps\common\Shadow Warrior 2\ShadowWarrior2.exe (Flying Wild Hog) [File not signed]
FirewallRules: [{2C5874D7-481D-4D9A-BD2E-51D563309F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{B887F157-DAE5-41D6-A1DF-E5C7941FF180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{9ED85085-9F83-42BC-882C-85EC19DD6BC9}] => (Allow) F:\SteamLibrary\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{17795EE2-0A8E-45B5-B940-7C5C68ED2C03}] => (Allow) F:\SteamLibrary\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{4683C034-E669-4DE7-9042-63BC0AB3F76A}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{FC19C7FA-D4A8-43C6-B7A3-A37F4E621660}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrPrintFinishNotice\BrPrintFinishNotice.exe (Brother Industries, Ltd. -> )
FirewallRules: [{ED476375-6CC4-4662-ADC2-3A212E1606BC}] => (Allow) F:\SteamLibrary\steamapps\common\Diablo IV\Diablo IV.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{2508FBFC-FF1F-47E5-9DBB-311788483A94}] => (Allow) F:\SteamLibrary\steamapps\common\Diablo IV\Diablo IV.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7CC53BA8-0C61-48F6-8E63-D09DE0AE4FF1}] => (Allow) F:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{9748CB15-D066-44B5-BDA9-996C1E58251F}] => (Allow) F:\SteamLibrary\steamapps\common\No Man's Sky\Binaries\NMS.exe (Hello Games) [File not signed]
FirewallRules: [{8BE1C82C-6261-40C3-A84F-D80B070FDA86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{140CC6A4-1E1D-477E-B37B-6F52407C2E00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG sp. z o.o -> GOG.com)
FirewallRules: [{003BAFFB-37CD-4D95-99CD-892FC7DACA66}] => (Allow) E:\SteamLibrary\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{3C81387D-BA23-4C42-B454-13B9262F2DC3}] => (Allow) E:\SteamLibrary\steamapps\common\BLACKHOLE\BH.exe (FiolaSoft Studio) [File not signed]
FirewallRules: [{0B28EAAF-8CA7-4BC2-B207-F7725CAA5E20}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{446BB21E-13EE-4A06-859D-D397802CADBB}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout76\Fallout76.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{209F26D2-40E4-4C62-B69C-A90222A32266}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{753AA2B2-D40F-44FF-9175-D2922D59F283}] => (Allow) E:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{8762D41F-D445-4762-839E-450E35E3D7EB}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{9F09329B-738E-48BF-A127-A5E5D98430B9}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{94DE6657-AB26-46FF-988B-164CC90430B0}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [{6426E443-5759-497F-924A-F1D71E1728B3}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [{943816E5-B686-4C27-868B-9949DB5917A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{046D365B-46D6-4E25-8640-2BADCA5B306C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Baldurs Gate 3\Launcher\LariLauncher.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{8DD21800-A93C-449D-ABA3-5BC70C6A6DF4}] => (Allow) C:\Program Files (x86)\Norton\Browser\Application\NortonBrowser.exe (NortonLifeLock Inc. -> NortonLifeLock Inc)
FirewallRules: [{182540E5-8722-442B-91DA-6853571A079F}] => (Allow) E:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{07C054B9-68C3-497B-A2BA-AD02C40D5D51}] => (Allow) E:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{15927282-894C-4FEA-8B24-DF27DEC4A1A3}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{EE6F400F-A7AE-4AE9-B2CE-EB8671740D30}] => (Allow) E:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{0CE500C0-D013-4732-A596-302DE1AB2733}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E2B6175-5A55-4260-9442-74A28EFC80F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B672F9B-1FC1-4592-9739-F1B91181587A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B959FF2F-F060-4169-A88C-673536BDB00D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8335FC2-1597-40CF-82D6-2AD56D6D5B2B}] => (Allow) LPort=54950
FirewallRules: [{A1CA0C74-F02E-4CF4-B9D5-8E0764EF3CB1}] => (Allow) LPort=54955
FirewallRules: [{3E054C0A-73B2-438F-9D25-ACFA9CF3634D}] => (Allow) F:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [{1E34D0A2-4235-45CF-B17D-27C58403E286}] => (Allow) F:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe (ZeniMax Media Inc.) [File not signed]
FirewallRules: [{EC8E11CA-90A3-4EE6-A367-BBB6881D65AE}] => (Allow) F:\SteamLibrary\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{64E96936-B02B-456B-B14A-30CF4D99D01A}] => (Allow) F:\SteamLibrary\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{ADA0CCE7-1403-4A71-A77A-7D7F56DC96E7}] => (Allow) E:\Assassin's Creed Valhalla\ACValhalla_Plus.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{A841238B-10BA-454D-9520-17DFF8580E6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{46659D1D-0E25-4A3C-AF11-739CDFE5DD1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FC89FF31-4097-4D42-ACD1-1A5912035A33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07C5FCA2-F426-4F25-B98F-ED9899B363C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{02E856F4-B21F-48EB-9FD5-6B7C20AD0E33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E35DB9F8-B8B5-40FF-BEB0-BA562E0DACDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E76DFF2-BB8E-4AA8-A6CA-B39D2272320A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8578BE9E-4380-4630-A5E0-9BF47AD77BC1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{380B0156-9DDB-4D79-B962-F4F8FE519876}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D2F80D4-DCE8-42CC-9FA1-D0B87E6EEDD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DCD5A2C6-8626-40E5-A970-9626B2FAC739}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{0A27B21B-63C2-4F51-A817-9D0D100DA9E1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9B581064-03A0-4426-B1A5-CAD230A203CA}] => (Allow) C:\Program Files (x86)\Norton\Browser\Application\NortonBrowser.exe (NortonLifeLock Inc. -> NortonLifeLock Inc)
FirewallRules: [{49A8E2FC-4939-4F00-BC52-C112C34AD7E9}] => (Allow) F:\SteamLibrary\steamapps\common\Assassins Creed Origins\ACOrigins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{C747AB47-C83E-48FE-9D70-DEDF3698151B}] => (Allow) F:\SteamLibrary\steamapps\common\Assassins Creed Origins\ACOrigins.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BDEE4D0B-F727-4EE0-A15B-BF209456FB40}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{615ACB0B-68D9-4E72-AF76-AF9A4DF9DF2D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9C1C0249-1466-45A1-A517-A4586AEBA161}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5284FB7B-46DF-4F4F-B184-16E23D4088E5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{180BF028-275F-4C2E-8C41-F884DD436D7B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{809F42D6-8A19-4049-9CB1-4F339ACBAD99}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A3B69225-A1C4-4CD6-B988-173B071ADA66}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{126E90B2-2298-4548-B549-2020FE0C2D1E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D3E18171-4431-4865-BA52-A44A990EE240}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4A60AA50-C345-4AAA-9D6A-63112E97AB9B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{FCC96E26-1D4D-4759-848B-97F1BBE89829}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{301F1478-443F-4C94-AAFB-837F1AEE8FEC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================

08-03-2024 11:54:34 Naplánovaný kontrolní bod
11-03-2024 18:02:37 AdwCleaner_BeforeCleaning_11/03/2024_18:02:37

==================== Faulty Device Manager Devices ============

Name: Základní grafický adaptér Microsoft
Description: Základní grafický adaptér Microsoft
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: BasicDisplay
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.172

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80:ee50:b966:1bbf%4

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2

Error: (03/11/2024 09:12:12 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Hodnota nemůže být NULL.
Název parametru: ipString


System errors:
=============
Error: (03/12/2024 06:49:30 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (03/11/2024 09:12:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/11/2024 09:11:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\mtkihvx.dll

Error: (03/11/2024 09:11:24 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\mtkihvx.dll

Error: (03/11/2024 09:11:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\system32\mtkihvx.dll

Error: (03/11/2024 08:40:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/11/2024 08:38:48 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (03/11/2024 08:11:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-09-15 17:49:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1D3C3F82-17AF-44E3-B6E8-8D941678B3AD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-15 17:13:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9FCB75CC-DBDD-4756-BEFA-FA5A0B041EA5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-15 17:00:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D6A6F614-103F-43CA-8DA9-CB16E7B47777}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-15 16:44:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {24B4576D-D6D5-44C5-ACC8-0E3BF7A2D161}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-09-14 20:56:15
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-09-14 20:53:08
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-09-14 20:51:00
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-09-14 20:19:36
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2024-03-12 06:52:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.24.1.6\symamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.70 08/10/2023
Motherboard: Micro-Star International Co., Ltd. MAG B650 TOMAHAWK WIFI (MS-7D75)
Processor: AMD Ryzen 5 7600 6-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 31904.49 MB
Available physical RAM: 17741.68 MB
Total Virtual: 42656.49 MB
Available Virtual: 19091.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.23 GB) (Free:440.83 GB) (Model: KINGSTON SKC3000S1024G) NTFS
Drive e: (Herní disk_2) (Fixed) (Total:1863 GB) (Free:798.83 GB) (Model: CT2000MX500SSD1) NTFS
Drive f: (Herní disk) (Fixed) (Total:931.51 GB) (Free:149.39 GB) (Model: CT1000MX500SSD1) NTFS
Drive g: (NOVÝ) (Fixed) (Total:1863 GB) (Free:519.84 GB) (Model: TOSHIBA HDWD120) NTFS

\\?\Volume{f08c05ec-85f2-4832-a81c-ba9a823519ba}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B9FCB599)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Tady je to napsáno správně - počítačová síť. Většinou píší "počítač", což nemusí být pravda.Druhá srtrana registruje IP routeru vašeho poskytovatele. Abychom věděli, že to není váš PC dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Podíváme se na to.

[pepezdepa]

Dal jsem do prvního příspěvku, jelikož jsem si mezitím přečetl, že bych měl udělat nějaký log a vašeho příspěvku jsem si všiml až když jsem log přidal. Snad to neva.

[Rudy]

OK, nevadí. Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[pepezdepa]

Žádný restart to po mně nechtělo. Doufám, že jsem to udělal správně.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1538 octets] - [11/03/2024 18:01:44]
AdwCleaner[C00].txt - [1719 octets] - [11/03/2024 18:02:44]
AdwCleaner[S01].txt - [1610 octets] - [11/03/2024 18:06:30]
AdwCleaner[C01].txt - [1780 octets] - [11/03/2024 18:07:48]
AdwCleaner[S02].txt - [1664 octets] - [11/03/2024 20:10:19]
AdwCleaner[S03].txt - [1725 octets] - [11/03/2024 20:11:23]
AdwCleaner[C03].txt - [1915 octets] - [11/03/2024 20:11:39]
AdwCleaner[S04].txt - [1847 octets] - [11/03/2024 20:59:10]
AdwCleaner[S05].txt - [1908 octets] - [12/03/2024 12:58:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

[Rudy]

Správně. Protože nic nebylo nalezeno, restart nebyl třeba.Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.cmd: => <==== ATTENTION
FirewallRules: [TCP Query User{521C9A87-02C9-456E-BFBF-598D0E0222DA}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{C7934D5B-5574-4447-8525-BBA81EF9EB78}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{DEFD5EC5-E198-40F6-A16E-19505ED79607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [{C44C6D32-1AE7-4D06-A2FA-B779608B204A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [TCP Query User{ABA38F8D-587E-4B3E-AC99-E6F57E185272}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{C9394611-552B-488C-B4D5-E611B28271C1}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [{6C13E54A-74AF-443E-B4CD-712995506A0A}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{1CC3380D-9E69-499F-BED5-7219A4CBCFAF}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{2C5874D7-481D-4D9A-BD2E-51D563309F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{B887F157-DAE5-41D6-A1DF-E5C7941FF180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{8762D41F-D445-4762-839E-450E35E3D7EB}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{9F09329B-738E-48BF-A127-A5E5D98430B9}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{94DE6657-AB26-46FF-988B-164CC90430B0}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [{6426E443-5759-497F-924A-F1D71E1728B3}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Run: [G-Menu] => C:\G-Menu\G-Menu.exe --openAsHidden (No File)
HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Run: [GalaxyClient] => [X]
Startup: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-31]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (No File)
Task: {0FCFBEFF-DCC5-4EB6-B699-EB7735825196} - System32\Tasks\GoogleUpdateTaskMachineCore{02364DD3-D51A-47F9-96A6-3905C0B33A3A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2023-09-14] (Google LLC -> Google LLC)
Task: {8FCB2FB4-19E9-4E13-BAE4-DA5B7E50A4B5} - System32\Tasks\GoogleUpdateTaskMachineUA{88FEB7AF-F2D6-4AEF-9914-A5EF229D0D76} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2023-09-14] (Google LLC -> Google LLC)
Task: {D884780C-EB50-4887-9ADA-1920B5EDF697} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => C:\Program Files (x86)\east-tec Eraser\etEraser.exe (No File)
Task: {7E37EC71-CA5F-409E-800C-0E2DF7364246} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (No File)
S3 HWiNFO_187; C:\Users\TOMK~1\AppData\Local\Temp\HWiNFO64A_187.SYS [56912 2024-03-07] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm)) <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte do C:\Users\Tomík\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[pepezdepa]

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Tomík (12-03-2024 14:32:25) Run:1
Running from C:\Users\Tomík\OneDrive\Plocha
Loaded Profiles: Tomík
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.cmd: => <==== ATTENTION
FirewallRules: [TCP Query User{521C9A87-02C9-456E-BFBF-598D0E0222DA}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{C7934D5B-5574-4447-8525-BBA81EF9EB78}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{DEFD5EC5-E198-40F6-A16E-19505ED79607}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [{C44C6D32-1AE7-4D06-A2FA-B779608B204A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe => No File
FirewallRules: [TCP Query User{ABA38F8D-587E-4B3E-AC99-E6F57E185272}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{C9394611-552B-488C-B4D5-E611B28271C1}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [{6C13E54A-74AF-443E-B4CD-712995506A0A}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{1CC3380D-9E69-499F-BED5-7219A4CBCFAF}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{2C5874D7-481D-4D9A-BD2E-51D563309F14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{B887F157-DAE5-41D6-A1DF-E5C7941FF180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DEATH STRANDING DIRECTORS CUT\ds.exe => No File
FirewallRules: [{8762D41F-D445-4762-839E-450E35E3D7EB}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{9F09329B-738E-48BF-A127-A5E5D98430B9}] => (Allow) E:\SteamLibrary\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe => No File
FirewallRules: [{94DE6657-AB26-46FF-988B-164CC90430B0}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
FirewallRules: [{6426E443-5759-497F-924A-F1D71E1728B3}] => (Allow) E:\SteamLibrary\steamapps\common\Metro Last Light\MetroLL.exe => No File
HKLM-x32\...\RunOnce: [usbfltrb] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Run: [G-Menu] => C:\G-Menu\G-Menu.exe --openAsHidden (No File)
HKU\S-1-5-21-164412472-2611241565-492249232-1001\...\Run: [GalaxyClient] => [X]
Startup: C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-31]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (No File)
Task: {0FCFBEFF-DCC5-4EB6-B699-EB7735825196} - System32\Tasks\GoogleUpdateTaskMachineCore{02364DD3-D51A-47F9-96A6-3905C0B33A3A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2023-09-14] (Google LLC -> Google LLC)
Task: {8FCB2FB4-19E9-4E13-BAE4-DA5B7E50A4B5} - System32\Tasks\GoogleUpdateTaskMachineUA{88FEB7AF-F2D6-4AEF-9914-A5EF229D0D76} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2023-09-14] (Google LLC -> Google LLC)
Task: {D884780C-EB50-4887-9ADA-1920B5EDF697} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => C:\Program Files (x86)\east-tec Eraser\etEraser.exe (No File)
Task: {7E37EC71-CA5F-409E-800C-0E2DF7364246} - System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (No File)
S3 HWiNFO_187; C:\Users\TOMK~1\AppData\Local\Temp\HWiNFO64A_187.SYS [56912 2024-03-07] (Microsoft Windows Hardware Compatibility Publisher -> REALiX(tm)) <==== ATTENTION
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\regfile => removed successfully
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.reg => removed successfully
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Classes\.cmd => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{521C9A87-02C9-456E-BFBF-598D0E0222DA}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C7934D5B-5574-4447-8525-BBA81EF9EB78}F:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DEFD5EC5-E198-40F6-A16E-19505ED79607}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C44C6D32-1AE7-4D06-A2FA-B779608B204A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ABA38F8D-587E-4B3E-AC99-E6F57E185272}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C9394611-552B-488C-B4D5-E611B28271C1}F:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C13E54A-74AF-443E-B4CD-712995506A0A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1CC3380D-9E69-499F-BED5-7219A4CBCFAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C5874D7-481D-4D9A-BD2E-51D563309F14}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B887F157-DAE5-41D6-A1DF-E5C7941FF180}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8762D41F-D445-4762-839E-450E35E3D7EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F09329B-738E-48BF-A127-A5E5D98430B9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94DE6657-AB26-46FF-988B-164CC90430B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6426E443-5759-497F-924A-F1D71E1728B3}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\usbfltrb" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Microsoft\Windows\CurrentVersion\Run\\G-Menu" => removed successfully
"HKU\S-1-5-21-164412472-2611241565-492249232-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
C:\Users\Tomík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk => moved successfully
"C:\Program Files\Dell\Dell Display Manager 2\DDM.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FCFBEFF-DCC5-4EB6-B699-EB7735825196}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FCFBEFF-DCC5-4EB6-B699-EB7735825196}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{02364DD3-D51A-47F9-96A6-3905C0B33A3A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{02364DD3-D51A-47F9-96A6-3905C0B33A3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8FCB2FB4-19E9-4E13-BAE4-DA5B7E50A4B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FCB2FB4-19E9-4E13-BAE4-DA5B7E50A4B5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{88FEB7AF-F2D6-4AEF-9914-A5EF229D0D76} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{88FEB7AF-F2D6-4AEF-9914-A5EF229D0D76}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D884780C-EB50-4887-9ADA-1920B5EDF697}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D884780C-EB50-4887-9ADA-1920B5EDF697}" => removed successfully
C:\Windows\System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E37EC71-CA5F-409E-800C-0E2DF7364246}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E37EC71-CA5F-409E-800C-0E2DF7364246}" => removed successfully
C:\Windows\System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE}" => removed successfully
HKLM\System\CurrentControlSet\Services\HWiNFO_187 => removed successfully
HWiNFO_187 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 79273646 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 511273698 B
Windows/system/drivers => 9590668 B
Edge => 0 B
Chrome => 1294097631 B
Brave => 43995106 B
Firefox => 128659121 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 537857 B
systemprofile32 => 537857 B
LocalService => 945943 B
NetworkService => 952021 B
Tomík => 69169894 B

RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-03-2024 14:34:09)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 14:34:09 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[pepezdepa]

Problém se dnes vůbec neobjevil, ale on se projevuje jen některé dny, a to třeba jen pár hodin, typicky hlavně odpoledne a večer.

Takže počítač je bez virů? A nemohl by být zavirovaný třeba router? Já jsem ho sice hned po objevení problému nastavil zpátky do továrního nastavení a změnil přístupové heslo na Wi-Fi, ale stejně to nepomohlo. Pomohla výměna routera za starší pomalejší model, ovšem včera už ani tohle nezabralo. Proto jsem pojal podezření, že by problém mohl být v počítači.

[Rudy]

Váš PC pravděpodobně není původcem tohoto problému, i když jsem tam našel několik zbytků čehosi, co nemuselo být tak úplně v pořádku. Bylo to nefunkční a vše jsem smazal. Problém může způsobovat kterýkoliv PC zapojený do sítě vašeho poskytovatele připojení k internetu

[pepezdepa]

To je možné? Jsem myslel, že IP adresu má každý vlastní.

A mohl bych vás ještě poprosit o kontrolu logu z druhého PC, jen pro jistotu?

[Rudy]

To je opravdu možné, neboť Youtube (a všechny další) registrují pouze IP hraničního směrovače (routeru) a vše co je za ním, nevidí (ve většině případů). Ovšem ví, že z této IP jde větší datový provoz, než je obvyklé. A z toho vyplývá, že v té síti, která se skrývá za routerem, je cosi, co problém způsobude. Obává se DDoS útoku. Proto požaduje Captcha. Tu vaší konkrétní IP nevidí. Píšu o tom ve své první odpovědi. Jakýkoliv další PV si samozřejmě můžet dát zkontrolovat.

[pepezdepa]

Aha, tak to by asi vysvětlovalo, proč s tím nemám problémy pořád, ale jen někdy. Tak já tedy ještě jednou zneužiju vaši dobrotu a přidávám pro všechny případy ještě log z druhého počítače. Zároveň jsem ho posléze proskenoval i tím Adwcleanerem, jehož log rovněž připojuji.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Tradice (12-03-2024 19:50:22)
Running from C:\Users\Tradi\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) (2021-03-27 14:39:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1923603369-2117772092-1647322974-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1923603369-2117772092-1647322974-503 - Limited - Disabled)
Guest (S-1-5-21-1923603369-2117772092-1647322974-501 - Limited - Disabled)
Tradice (S-1-5-21-1923603369-2117772092-1647322974-1002 - Administrator - Enabled) => C:\Users\Tradi
WDAGUtilityAccount (S-1-5-21-1923603369-2117772092-1647322974-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Out of date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 121.0.23992.186 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID HWMonitor 1.51 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.51 - CPUID, Inc.)
DocuVieware TWAIN Web Connector 2 (HTTPS) (HKLM-x32\...\{786BD4C5-9C0D-461F-A635-0886E6E5DC3D}) (Version: 15.0.0.0 - ORPALIS)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.1.0.52543 - Foxit Software Inc.)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Kodi (HKU\S-1-5-21-1923603369-2117772092-1647322974-1002\...\Kodi) (Version: 20.4.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Excel 2016 - cs-cz (HKLM\...\ExcelRetail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1923603369-2117772092-1647322974-1002\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Norton 360 (HKLM-x32\...\NGC) (Version: 22.24.2.6 - NortonLifeLock Inc)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PaperScan 3 Free Edition (HKLM-x32\...\{9D946ECD-23F9-4CDD-9E2C-502926C94E93}) (Version: 3.0.118 - ORPALIS)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)

Packages:
=========

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-12] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.24.2.6\buShell.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.24.2.6\NavShExt.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.24.2.6\coIEPlg.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.24.2.6\coIEPlg.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.24.2.6\coIEPlg.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.24.2.6\coIEPlg.dll [2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1923603369-2117772092-1647322974-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{188F4CD3-E864-4A20-A0DA-AE65354CF871}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{B3A8092D-1EEC-46CF-BC38-7F82727ABF9E}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [{4C7D4AFD-D803-44C6-836C-99DF07C4798F}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2A6113D6-A9F4-45DC-8548-858987F8E22F}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{29C83E97-712D-4539-9E76-4915A805AD09}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2F5CDFF9-7B00-4E99-998C-F7761F5D13E4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0300FD26-388D-4C86-AC44-097EFC63DC9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F47255F-CC79-4D85-893F-1E011C03ACFE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D74E078-D014-4779-B99D-1BCC40C16992}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{73F16F9C-F22C-451A-9208-6A9358AEC9A3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:110.72 GB) (Free:62.15 GB) (56%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2024 08:52:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.4046 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d78

Čas spuštění: 01da6d3fc21cc5a7

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 9a7179ce-80f9-4d02-92e8-3a3312152190

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/03/2024 08:52:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.4046 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 32b0

Čas spuštění: 01da6d3fac723b0b

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 3884432b-21a3-48fc-97fe-654df8a409c9

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/03/2024 08:52:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.4046 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 6a0

Čas spuštění: 01da6d3ef9ecbfa2

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 7f7c643d-109d-444a-ac4b-9d1214aa3184

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/03/2024 08:47:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.4046 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1424

Čas spuštění: 01da6d3edfa5f80f

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 99d6891c-5807-44c4-8b2f-01a34a1deb54

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/15/2023 08:13:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.3758 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2b18

Čas spuštění: 01da2f262ad3fd43

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 0a616d8f-2c66-4739-aa17-36a0b912e1f2

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/15/2023 08:13:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.3758 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e64

Čas spuštění: 01da2f261240af3b

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 7cf76394-e8ee-4298-a867-0403db083118

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (08/05/2023 08:09:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NortonSecurity.exe, verze: 17.2.3.65, časové razítko: 0x61f2cd8e
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3155, časové razítko: 0x5212ece5
Kód výjimky: 0xc000000d
Posun chyby: 0x00000000001123f4
ID chybujícího procesu: 0xc4c
Čas spuštění chybující aplikace: 0x01d9c43e826eb9a3
Cesta k chybující aplikaci: C:\Program Files\Norton Security\Engine\22.23.6.5\NortonSecurity.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: b0c9baeb-1640-4b98-8175-d68d086b6332
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/13/2023 08:49:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.3031, časové razítko: 0x35946a52
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3086, časové razítko: 0xe1ac3f79
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012d8b2
ID chybujícího procesu: 0x241c
Čas spuštění chybující aplikace: 0x01d9b55e4e83e070
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2487cec8-eb20-4a5f-a123-60d6babaa96e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/08/2024 08:28:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:06:27, ‎07.‎03.‎2024) bylo neočekávané.

Error: (03/06/2024 08:28:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2Q63KIV)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/05/2024 07:36:39 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:58:36, ‎04.‎03.‎2024) bylo neočekávané.

Error: (03/02/2024 01:46:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/02/2024 09:14:09 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2Q63KIV)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/24/2024 02:54:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:31:54, ‎24.‎02.‎2024) bylo neočekávané.

Error: (02/23/2024 01:59:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:34:18, ‎23.‎02.‎2024) bylo neočekávané.

Error: (02/20/2024 08:33:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.


Windows Defender:
================
Date: 2022-03-17 15:09:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {03B7C605-9148-48FF-A097-FF0B13D2715E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-17 09:26:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {64E76666-8112-48A5-9063-FDBD6B70AEB7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-03-15 13:59:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1643A8D5-194A-4624-A49C-F0EC2B771246}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-21 09:51:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2887E489-F854-4E15-9527-8E66C369BFA2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-12-20 11:21:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B71A5AE0-BACB-4652-86DC-D6AED7D72963}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-01-26 12:46:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.723.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-03-12 17:53:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.24.2.6\symamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-03-12 08:45:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.24.2.6\symamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FG 10/14/2014
Motherboard: Gigabyte Technology Co., Ltd. B85-HD3
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 27%
Total physical RAM: 16264.81 MB
Available physical RAM: 11762.06 MB
Total Virtual: 18696.81 MB
Available Virtual: 13801.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.72 GB) (Free:62.15 GB) (Model: Patriot Burst) NTFS

\\?\Volume{a57ec2a4-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.15 GB) NTFS
\\?\Volume{a57ec2a4-0000-0000-0000-50d21b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: A57EC2A4)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=514 MB) - (Type=27)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.03.2024
Ran by Tradice (administrator) on DESKTOP-2Q63KIV (Gigabyte Technology Co., Ltd. B85-HD3) (12-03-2024 19:48:56)
Running from C:\Users\Tradi\Desktop\FRST64.exe
Loaded Profiles: Tradice
Platform: Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <11>
(explorer.exe ->) (CPUID -> CPUID) C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (ORPALIS S.A.S.U -> ORPALIS) C:\Program Files (x86)\ORPALIS\DocuVieware TWAIN Web Connector 2 (HTTPS)\DocuViewareTWAINServiceHTTPS.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Tradi\AppData\Local\Microsoft\OneDrive\24.025.0204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [DocuVieware TWAIN Service] => C:\Program Files (x86)\ORPALIS\DocuVieware TWAIN Web Connector 2 (HTTPS)\DocuViewareTWAINServiceHTTPS.exe [22958712 2020-07-24] (ORPALIS S.A.S.U -> ORPALIS)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [DocuVieware TWAIN Service] => C:\Program Files (x86)\ORPALIS\DocuVieware TWAIN Web Connector 2 (HTTPS)\DocuViewareTWAINServiceHTTPS.exe [22958712 2020-07-24] (ORPALIS S.A.S.U -> ORPALIS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1923603369-2117772092-1647322974-1002\...\Run: [MicrosoftEdgeAutoLaunch_634E488E45D1D47E5E0ABA6F30E8B054] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\TSKPPR: C:\Windows\System32\spool\prtprocs\x64\TSKppr.dll [92160 2020-09-16] (KONICA MINOLTA, INC. -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\Language monitor: C:\WINDOWS\system32\TSKMON.DLL [60928 2020-09-16] (KONICA MINOLTA, INC. -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\121.0.23992.186\Installer\chrmstp.exe [2024-02-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4EDD3E1E-53FA-4F5B-BF5F-EEBD6E726EB2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3117856 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {2FC53D96-DA17-4D65-B4D7-73E4A534E399} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3117856 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {70CB8A1B-9EB2-4DA7-987D-FE9CE084B100} - System32\Tasks\AvastBrowserProtectS-1-5-21-1923603369-2117772092-1647322974-1002 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1658776 2023-09-06] (Avast Software s.r.o. -> Avast Software) <==== ATTENTION
Task: {AA7204FD-329D-44A3-B354-E038B5A92B5E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {434857E3-8CDA-4BA2-A427-2920CEFE8C9B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {F014EBA5-DD1E-4E31-A5F9-CBCC30A5E4AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4941955-E401-4E61-9F91-BFC763F42560} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {005716BD-F320-4E04-ACCD-3E5256630748} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {37F776C8-38CE-4BB5-AD5F-576FAB86BF4C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {029278B0-8001-461C-A15B-7DDDCA695946} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {59E0C654-F729-4F53-9C83-060577E0FCA6} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {10F8DDC6-7DEC-49F3-9150-F1EF0BA68DE6} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {C4AE15FD-2688-437C-B285-DA7E701B8132} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.24.2.6\SymErr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {A90E6D94-11DF-40C7-ACBB-E4326E6D26F3} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {7F5DE592-A593-4923-9374-7D9B3FDEF640} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{15ae8713-fd1d-4cbb-a6fd-4ee89e679d12}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2e641f15-7670-438f-9bc5-8c57832ee775}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tradi\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-12]
Edge DownloadDir: Default -> C:\Users\Tradi\Downloads
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Norton Safe Web) - C:\Users\Tradi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2023-12-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Tradi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Tradi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2021-09-27] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\121.0.23992.186\elevation_service.exe [1832224 2024-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-08] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2363000 2021-09-24] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.22.2.10\Definitions\BASHDefs\20240311.001\BHDrvx64.sys [1706512 2023-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2024-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.22.2.10\Definitions\IPSDefs\20240311.064\IDSvia64.sys [1554400 2023-10-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.22.2.10\SymPlatform\SymEvnt.sys [934912 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-07-15] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-12 19:48 - 2024-03-12 19:49 - 000018651 _____ C:\Users\Tradi\Desktop\FRST.txt
2024-03-12 19:48 - 2024-03-12 19:49 - 000000000 ____D C:\FRST
2024-03-12 19:47 - 2024-03-12 19:47 - 002390528 _____ (Farbar) C:\Users\Tradi\Desktop\FRST64.exe
2024-03-12 17:40 - 2024-03-12 17:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-03-10 15:05 - 2024-03-12 17:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2024-03-10 15:05 - 2024-03-10 21:35 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2024-03-10 15:05 - 2024-03-10 15:05 - 000003374 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2024-03-08 08:52 - 2024-03-08 08:52 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-03 16:29 - 2024-03-03 16:29 - 109336944 _____ (AO Kaspersky Lab) C:\Users\Tradi\Downloads\KVRT.exe
2024-03-03 16:29 - 2024-03-03 16:29 - 000000000 ____D C:\KVRT2020_Data
2024-02-16 17:08 - 2024-02-16 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2024-02-16 17:07 - 2024-02-16 17:07 - 082016143 _____ (XBMC Foundation) C:\Users\Tradi\Downloads\kodi-20.4-Nexus-x64.exe
2024-02-15 11:35 - 2024-02-15 11:35 - 000189044 _____ C:\Users\Tradi\Downloads\Paní Bajgarová ceník RESTART.pdf
2024-02-14 09:35 - 2024-02-14 09:35 - 000000000 ___HD C:\$WinREAgent
2024-02-14 09:33 - 2024-02-14 09:34 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-02-14 09:16 - 2024-02-14 09:16 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 09:15 - 2024-02-14 09:15 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-12 19:45 - 2022-03-23 15:31 - 000000000 ____D C:\Users\Tradi\AppData\Local\Norton
2024-03-12 19:24 - 2020-09-13 10:03 - 000000000 ____D C:\Users\Tradi\AppData\Local\ClassicShell
2024-03-12 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-12 18:06 - 2021-03-27 15:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-12 14:45 - 2022-07-25 13:07 - 000000000 ____D C:\Users\Tradi\AppData\Roaming\Kodi
2024-03-12 14:24 - 2020-09-11 11:01 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-03-12 12:25 - 2022-08-22 13:19 - 000000000 ____D C:\Users\Tradi\AppData\LocalLow\Norton
2024-03-12 10:19 - 2023-10-05 07:13 - 000000000 ____D C:\Program Files\RUXIM
2024-03-12 08:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-10 21:35 - 2022-03-17 20:16 - 000002397 _____ C:\Users\Public\Desktop\Norton Security.lnk
2024-03-10 15:32 - 2022-01-26 12:49 - 000000000 ____D C:\Program Files\Common Files\AV
2024-03-10 15:05 - 2022-03-17 20:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2024-03-09 18:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-09 18:23 - 2020-09-20 13:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-09 18:23 - 2020-09-20 13:49 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-08 08:51 - 2020-09-13 09:47 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-08 08:33 - 2021-03-27 15:41 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-08 08:33 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-08 08:33 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-08 08:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-08 08:28 - 2021-03-27 15:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-08 08:28 - 2021-03-27 15:33 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-06 08:19 - 2021-12-11 13:47 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1923603369-2117772092-1647322974-1002
2024-03-06 08:19 - 2021-03-27 15:38 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 08:19 - 2021-03-27 15:38 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-06 08:19 - 2021-03-27 15:38 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1923603369-2117772092-1647322974-1002
2024-03-06 08:19 - 2021-03-27 15:09 - 000002381 _____ C:\Users\Tradi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-05 07:39 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-03-04 14:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-03 16:26 - 2022-07-25 13:07 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-27 10:44 - 2020-09-13 09:52 - 000000000 ____D C:\Users\Tradi\AppData\Roaming\Microsoft\Word
2024-02-24 08:56 - 2022-08-24 07:10 - 000000166 _____ C:\Users\Tradi\Desktop\DEKA.txt
2024-02-21 20:30 - 2021-12-24 07:20 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-02-21 20:30 - 2021-12-24 07:20 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2024-02-17 09:44 - 2021-09-30 16:45 - 000000000 ____D C:\Users\Tradi\AppData\Roaming\HpUpdate
2024-02-17 08:22 - 2020-09-11 11:10 - 000000000 ____D C:\Users\Tradi\AppData\Local\Packages
2024-02-17 08:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-16 17:08 - 2022-07-25 13:07 - 000000000 ____D C:\Program Files\Kodi
2024-02-15 23:04 - 2021-03-27 15:09 - 000000000 ____D C:\Users\Tradi
2024-02-14 09:34 - 2020-09-11 11:01 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2024-02-14 09:24 - 2021-03-27 15:33 - 000288000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-14 09:24 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-14 09:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 09:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 09:15 - 2021-03-27 15:35 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 09:02 - 2020-09-13 08:33 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 09:02 - 2020-09-13 08:33 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [12/03/2024 19:55:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

ADW je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
FirewallRules: [UDP Query User{188F4CD3-E864-4A20-A0DA-AE65354CF871}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{B3A8092D-1EEC-46CF-BC38-7F82727ABF9E}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2024-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[pepezdepa]

Fix result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Tradice (12-03-2024 21:10:27) Run:1
Running from C:\Users\Tradi\Desktop
Loaded Profiles: Tradice
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
FirewallRules: [UDP Query User{188F4CD3-E864-4A20-A0DA-AE65354CF871}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{B3A8092D-1EEC-46CF-BC38-7F82727ABF9E}C:\windows\temp\files\bin\kmss.exe] => (Allow) C:\windows\temp\files\bin\kmss.exe => No File
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43568 2024-03-10] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{553891B7-A0D5-4526-BE18-D3CE461D6310}" => removed successfully
HKLM\Software\Classes\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{553891B7-A0D5-4526-BE18-D3CE461D6310}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{553891B7-A0D5-4526-BE18-D3CE461D6310} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{188F4CD3-E864-4A20-A0DA-AE65354CF871}C:\windows\temp\files\bin\kmss.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B3A8092D-1EEC-46CF-BC38-7F82727ABF9E}C:\windows\temp\files\bin\kmss.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
cpuz157 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz157 => removed successfully
cpuz157 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 90934908 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 10779340 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1017428 B
NetworkService => 1428088 B
defaultuser0 => 1435256 B
Tradi => 48608886 B

RecycleBin => 0 B
EmptyTemp: => 148.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-03-2024 21:11:14)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:11:14 ====