VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=159693

Stránka 1 z 1

kontrola logu

Napsal: 08 črc 2024 19:53
od Buranek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.07.2024
Ran by sern (administrator) on KATANA (Micro-Star International Co., Ltd. Katana 15 B12VFK) (08-07-2024 20:50:13)
Running from D:\Stažené soubory\FRST64.exe
Loaded Profiles: sern
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\ui-launcher\AdskAccessUIHost.exe <4>
(C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdskIdentityManager\1.11.9.11\AdskIdentityManager.exe
(C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\92.0.1.0\crashpad_handler.exe
(C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\93.0.1.0\crashpad_handler.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe <15>
(C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe ->) (BitTorrent Inc -> BitTorrent Inc.) C:\Users\sern\AppData\Roaming\BitTorrent Web\helper\helper.exe
(D:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_helper.exe
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent Limited) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.116.0609.0005\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_346bd04e375689ec\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_4e93878658043b21\OneApp.IGCC.WinService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5b1252b3763da959\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0def78d8fd7b6e2b\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0def78d8fd7b6e2b\RtkAudUService64.exe [1974728 2024-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Access\AdskAccessCore.exe [21229344 2024-04-16] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [142414712 2023-08-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B5ED86351D1048DC4CB584E025CA08C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4905504 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4407656 2024-06-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\sern\AppData\Local\Microsoft\Teams\Update.exe [2593856 2024-05-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45629344 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [btweb] => C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe [6473736 2023-12-07] (BitTorrent Inc -> BitTorrent Limited)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\Microsoft.SharePoint.exe [1025552 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\93.0.1.0\GoogleDriveFS.exe [61643040 2024-07-08] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\Windows\system32\EFXLM16A.DLL [182784 2023-07-20] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\EPSON WF-7710 Series 64MonitorBE: C:\Windows\system32\E_YLMBSBE.DLL [187392 2018-06-14] (Seiko Epson Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-27] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03318CC8-B53B-4496-94E0-F112EA80EFD9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4AA4161B-8B6E-4BE6-A68C-47C164FA57A6} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "74b63197-13d5-47eb-b31a-87269d4372ec" --version "6.25.11131" --silent
Task: {4C2B9EDE-8B58-49BF-BEBA-F0AE818C996A} - System32\Tasks\CCleanerSkipUAC - sern => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7CB51A97-69A6-45DF-B459-3D7D2A497D55} - System32\Tasks\CLToast => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-03-14] (CyberLink Corp. -> )
Task: {3693C901-93C8-4957-8D99-2BE75CF53E8F} - System32\Tasks\CLToastRun => C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe [2317064 2024-03-14] (CyberLink Corp. -> )
Task: {0699F10C-283A-4E68-BA0C-43593AD89AEF} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{FDD1E41C-46A5-460B-95C6-D6C0F15C8829} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {34E478C6-E683-4786-B91C-6E261C3E8430} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {284AB1A0-D701-446A-98E2-1F56287BFB3F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC4B7EAA-2581-4FBC-A37F-624B1F178B1A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {40CE094F-5532-4762-9668-929EA0AA77AE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {24524A63-2598-49F1-A258-155C3E5002F3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169408 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {307B857D-B82E-45F4-8385-DF01D3A20ACC} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\Windows\system32\rundll32.exe [73728 2024-05-15] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {3EE6D57E-9C1E-4B1D-8C51-75670F25EC7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3291ED3C-AA57-4C47-8489-CF6325885D37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD854B25-260C-44D8-917A-2D4B91981010} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9534244F-29A0-4B5B-BBC9-F9BED6E568DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {013529CE-49C4-4E90-90BB-39344D53A855} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4D42E492-278D-4172-B437-A5E9F2309CE0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40D80B2E-7355-4C6F-A9B0-FDC1AD7979F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {967F8D7A-F8AB-4F7B-99D2-DB29C1714F1C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1F35071E-526E-4635-AC51-C3F69F012F4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E11980B-47C5-435B-A2CB-39D015A0C756} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7951DA52-2C18-4076-A1D6-7C8D986CE4EE} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FEC9E67-35A6-4731-96E0-467980608BCD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67060935-51A9-4783-ACAC-D972464FA5BE} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12CED94B-BE7B-4274-A5DD-028266067B8F} - System32\Tasks\OmApSvcBroker => C:\Program Files (x86)\MSI\MSI NBFoundation Service\OmApSvcBroker.exe [961584 2024-07-04] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {77027A65-980C-41CE-A790-CCF5E305A3C3} - System32\Tasks\OneDC_Updater => C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe [657552 2023-11-30] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
Task: {4101935C-F0C0-4230-A195-A9B39E28EB5A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAF67D8-5020-4F8F-88E0-02E1ED99E884} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2758214187-3853810005-2688088550-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FA099D4-56A8-4B83-9948-D3CCECAC3F12} - System32\Tasks\PowerDirectorStyleAgent => C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [97544 2024-03-14] (CyberLink Corp. -> CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}: [DhcpDomain] home
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\255646D69602130334: [DhcpNameServer] 192.168.147.235
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\344475966496: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\7416C61687970207163737A31323334313233343: [DhcpNameServer] 192.168.25.119
Tcpip\..\Interfaces\{21133100-e4b4-4af2-b642-52f3abb08058}\84F44554C41464F45544: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{444c531c-8e58-4e4f-8fe9-6ae83fad38d8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{444c531c-8e58-4e4f-8fe9-6ae83fad38d8}: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\sern\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default [2024-07-08]
CHR DownloadDir: D:\Stažené soubory
CHR Extension: (Story Space. Anonymous viewer for IG and FB) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\cicohiknlppcipjbfpoghjbncojncjgb [2024-05-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-20]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-06-27]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-20]
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-07-05]
CHR Extension: (Překladač Google) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-04]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-07-05]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-07-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-07-04]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sern\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-25]
CHR Profile: C:\Users\sern\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-08]
CHR HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [13272864 2024-04-15] (Autodesk, Inc. -> Autodesk, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncHelper.exe [3518992 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6f0a892deb241071\AS\IAS\IntelAudioService.exe [530424 2023-08-31] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_uf.exe [3002464 2023-10-25] (Intel Corporation -> Intel Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [171248 2023-05-11] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI NBFoundation Service\MSIAPService.exe [100496 2023-11-03] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI Sendevsvc; C:\Program Files (x86)\MSI\MSI NBFoundation Service\Sendevsvc.exe [311536 2023-05-11] (Micro-Star International CO., LTD. -> )
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [149608 2024-01-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909512 2023-11-15] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.116.0609.0005\OneDriveUpdaterService.exe [3858464 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe [474824 2024-02-01] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe [474312 2024-02-01] (Proton AG -> ProtonVPN)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [625928 2024-03-14] (CyberLink Corp. -> CyberLink)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 googledrivefs31357; C:\Windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2022-10-18] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2022-10-18] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\Windows\System32\drivers\iaStorVD.sys [1605296 2023-11-19] (Intel Corporation -> Intel Corporation)
S3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_c2a06a639869c7cd\IntcUSB.sys [923128 2023-08-31] (Intel Corporation -> Intel(R) Corporation)
R3 IntelGNA; C:\Windows\System32\DriverStore\FileRepository\gna.inf_amd64_6f93b7542fd3ead9\gna.sys [88656 2023-09-26] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_0bbfb278918dfdd5\ipf_acpi.sys [88160 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_cpu.sys [85600 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_b25cc008923a9297\ipf_lf.sys [484448 2023-10-25] (Intel Corporation -> Intel Corporation)
R3 MpKsl31c17885; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA3B5A2A-43FA-4C5C-94EB-7719E57B0A73}\MpKslDrv.sys [271648 2024-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [86200 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [239256 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.10\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_8db01a9992cf3fbb\rt68cx21x64.sys [713152 2022-12-05] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-02-29] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WINIO; \??\C:\Program Files (x86)\MSI\MSI NBFoundation Service\KernCoreLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-08 20:50 - 2024-07-08 20:50 - 000000000 ____D C:\FRST
2024-07-07 21:40 - 2024-07-07 21:40 - 000728484 _____ C:\Windows\system32\perfh005.dat
2024-07-07 21:40 - 2024-07-07 21:40 - 000151700 _____ C:\Windows\system32\perfc005.dat
2024-07-07 20:37 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2024-07-07 20:37 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2024-06-30 19:44 - 2024-07-08 15:55 - 000000000 ____D C:\ProgramData\OmApSvcBroker
2024-06-30 19:44 - 2024-06-30 19:44 - 000003658 _____ C:\Windows\system32\Tasks\OneDC_Updater
2024-06-30 19:44 - 2024-06-30 19:44 - 000002974 _____ C:\Windows\system32\Tasks\OmApSvcBroker
2024-06-30 19:44 - 2024-06-30 19:44 - 000000000 ____D C:\Users\sern\OneDrive\Dokumenty\temp
2024-06-12 17:38 - 2024-06-12 17:38 - 000024821 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-12 17:37 - 2024-06-12 17:37 - 000024821 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-06-12 17:29 - 2024-06-12 17:35 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-07-08 20:46 - 2023-12-31 17:39 - 000000000 ____D C:\Users\sern\AppData\Roaming\BitTorrent Web
2024-07-08 20:12 - 2023-11-21 08:40 - 000000000 ____D C:\ProgramData\Common
2024-07-08 19:58 - 2023-11-20 22:45 - 000000000 ___SD C:\Users\sern\AppData\Roaming\Microsoft\Credentials
2024-07-08 19:35 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-07-08 19:28 - 2023-11-20 22:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-07-08 18:38 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-08 17:30 - 2023-12-31 17:39 - 000000000 ____D C:\Users\sern\AppData\Local\BitTorrentHelper
2024-07-08 17:05 - 2023-11-20 22:52 - 000000000 ____D C:\Users\sern\AppData\Local\D3DSCache
2024-07-08 16:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-07-08 16:00 - 2023-11-20 22:51 - 000000000 ____D C:\ProgramData\NVIDIA
2024-07-08 15:55 - 2024-02-09 19:36 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-07-08 15:55 - 2024-02-02 13:40 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-07-08 15:55 - 2024-02-02 13:40 - 000002054 _____ C:\Users\sern\OneDrive\Desktop\Google Drive.lnk
2024-07-08 15:55 - 2023-11-21 18:08 - 000000000 ____D C:\Program Files\CCleaner
2024-07-08 15:55 - 2023-11-21 09:13 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Teams
2024-07-08 15:55 - 2023-11-20 22:50 - 000000000 ___RD C:\Users\sern\OneDrive
2024-07-07 21:40 - 2023-11-20 22:47 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-07-07 21:40 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-07-07 21:35 - 2023-11-22 21:07 - 000000000 ____D C:\Users\sern\AppData\Local\CrashDumps
2024-07-07 21:32 - 2023-11-20 22:41 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-07-07 21:32 - 2023-11-20 22:39 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-07 21:32 - 2023-11-20 22:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-07-07 21:32 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ServiceState
2024-07-07 21:32 - 2022-05-07 07:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-07-07 20:38 - 2023-11-20 22:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-07-07 20:37 - 2023-11-22 19:20 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:20 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-07-07 20:37 - 2023-11-22 19:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-07-07 20:37 - 2023-11-20 22:51 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-07-07 16:49 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-07 16:20 - 2023-11-22 18:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-07-07 16:20 - 2023-11-21 18:08 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-07-04 16:36 - 2023-11-20 22:40 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-03 17:04 - 2023-12-20 11:17 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Excel
2024-07-03 09:01 - 2023-12-20 10:57 - 000000000 ____D C:\Users\sern\AppData\Roaming\Microsoft\Word
2024-07-01 15:43 - 2023-11-21 18:08 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-07-01 15:43 - 2023-11-21 18:08 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-06-30 21:29 - 2023-11-21 09:03 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-30 21:29 - 2023-11-21 09:03 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-30 21:29 - 2023-11-20 22:50 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2758214187-3853810005-2688088550-1001
2024-06-30 19:44 - 2023-11-20 22:48 - 000000000 ____D C:\Program Files (x86)\MSI
2024-06-30 19:29 - 2023-11-21 08:31 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-27 17:20 - 2023-11-20 22:48 - 000000000 ____D C:\Users\sern\AppData\Local\Packages
2024-06-27 12:41 - 2023-11-20 23:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-20 19:55 - 2023-11-20 23:59 - 000000000 ____D C:\ProgramData\Package Cache
2024-06-14 04:37 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-14 04:15 - 2023-11-20 22:39 - 000594000 _____ C:\Windows\system32\FNTCACHE.DAT
2024-06-14 04:15 - 2023-11-09 18:12 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-06-14 04:15 - 2022-05-07 12:14 - 000000000 ____D C:\Windows\InboxApps
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\UUS
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\setup
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\Dism
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\BrowserCore
2024-06-14 04:15 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-06-14 04:15 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-06-12 17:40 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-06-12 17:39 - 2022-05-07 12:14 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-06-12 17:39 - 2022-05-07 12:14 - 000024383 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-06-12 17:38 - 2023-11-20 22:43 - 003216384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-06-12 17:27 - 2023-11-20 22:57 - 000000000 ____D C:\Windows\system32\MRT
2024-06-12 17:22 - 2023-11-20 22:57 - 199048176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-06-11 22:53 - 2023-11-22 19:20 - 002900520 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2024-06-11 22:52 - 2023-11-22 19:20 - 002231336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2024-06-11 22:52 - 2023-11-22 19:20 - 001296936 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2024-06-11 22:24 - 2023-11-22 19:20 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2024-06-11 22:24 - 2023-11-22 19:20 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2024-06-11 18:31 - 2023-11-22 19:19 - 000001951 _____ C:\Windows\NvContainerRecovery.bat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: kontrola logu

Napsal: 08 črc 2024 19:53
od Buranek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.07.2024
Ran by sern (08-07-2024 20:51:53)
Running from D:\Stažené soubory
Microsoft Windows 11 Pro Version 23H2 22631.3737 (X64) (2023-11-20 20:41:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2758214187-3853810005-2688088550-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2758214187-3853810005-2688088550-503 - Limited - Disabled)
Guest (S-1-5-21-2758214187-3853810005-2688088550-501 - Limited - Disabled)
sern (S-1-5-21-2758214187-3853810005-2688088550-1001 - Administrator - Enabled) => C:\Users\sern
WDAGUtilityAccount (S-1-5-21-2758214187-3853810005-2688088550-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AB Protect - AdvanceCAD 2024 x64 (HKLM\...\{E406239C-DDA8-443B-801F-D4188AD02A2E}) (Version: 24.01.0007 - AB Studio) Hidden
Autodesk Access (HKLM\...\{A3158B3E-5F28-358A-BF1A-9532D8EBC811}) (Version: 2.6.0.118 - Autodesk, Inc.)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.11.9.11 - Autodesk)
BitTorrent Web (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\btweb) (Version: 1.4.0 - BitTorrent Limited)
CADKON+ 2024 Database - Cz (HKLM\...\{6D06E854-1A36-4736-A7EB-1C9E36D71F85}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Language Pack - Cz (HKLM\...\{6C493A15-CE76-44DC-9513-05A5EA1B695F}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024 Root Pack (HKLM\...\{08B49DBB-67E7-48FC-A326-CB1D4E0021D9}) (Version: 24.2.0055 - Graitec) Hidden
CADKON+ 2024.2 (HKLM-x32\...\{1121ee7d-5d8a-4c92-8891-b98a82636f2d}) (Version: 24.2.55 - Graitec)
CCleaner (HKLM\...\CCleaner) (Version: 6.25 - Piriform)
CyberLink PowerDirector 365 (HKLM-x32\...\{678184FC-3343-4125-8098-01B6032F8BB2}) (Version: 22.2.2712.0 - CyberLink Corp.)
GalaxyBudsManager (HKLM-x32\...\GalaxyBudsManager) (Version: 2.1.220907.51 - Samsung Electronics Co, Ltd.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 93.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
Graitec - Advance CAD 2024 (HKLM\...\{E2402D86-4CC6-415F-BA1C-2EE567CB7D1A}) (Version: 14.0.0.7344 - Graitec) Hidden
GrVfkImport (HKLM\...\{892AE826-080B-4C24-89DE-888FBF883DD1}) (Version: 24.01.0011 - AB Studio) Hidden
Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation)
Lenovo USB Audio (HKLM\...\VID_17EF&PID_3063&MI_00) (Version: 1.31.38.50 - Synaptics Incorporated)
LYNX Trading (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\5556-0007-2700-0000) (Version: latest (10.26.1j) 20240103 15:16:39 - LYNX)
Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 - Shared Framework (x64) (HKLM-x32\...\{1182f806-658a-4241-9202-d43e13bf2719}) (Version: 6.0.8.22363 - Microsoft Corporation)
Microsoft ASP.NET Core 6.0.8 Shared Framework (x64) (HKLM\...\{FA97D589-B37E-3B49-A8D2-4764029773FE}) (Version: 6.0.8.22363 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.87 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.116.0609.0005 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Teams) (Version: 1.7.00.13456 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0619.01 - MSI)
MSI NBFoundation Service (HKLM-x32\...\{640EFA76-B899-476B-B2DF-D0CCF11D6083}}_is1) (Version: 2.0.2406.0501 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.10 - Proton AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.24078 - Microsoft Corporation)
ThinkPad Thunderbolt 3 Dock (HKLM-x32\...\ThinkPad Thunderbolt 3 Dock_is1) (Version: 1.001.9 - Lenovo Group Limited)
Thinkpad USB Ethernet Adapter Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.39.518.2020 - Lenovo)
Uložit do služby Autodesk Web and Mobile (HKLM\...\{AC9D2EAD-0DA0-4E0B-8672-546F5B1E6E73}) (Version: 3.0.31 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-12] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-14] (INTEL CORP) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.20006.0_x64__8wekyb3d8bbwe [2024-06-28] (Microsoft Corporation) [Startup Task]
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe [2024-07-07] (Microsoft) [Startup Task]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-04-10] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-18] (Microsoft Windows) [Startup Task]
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.38.0_x64__kzh8wxbdkxb8p [2024-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Common -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICommon_1.1.5.0_x64__kzh8wxbdkxb8p [2024-03-28] (MICRO-STAR INTERNATIONAL CO., LTD)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.99.5.0_x64__mcm4njqhnhss8 [2024-06-20] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-23] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.327.0_x64__dt26b99r8h8gj [2024-05-16] (Realtek Semiconductor Corp)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-12] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-14] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{000D0E00-0000-0000-C000-000000000046}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sern\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{314AC707-0C11-4B4C-8CB1-564B3EE6BE5F}\localserver32 -> D:\CADKON\2024\ICAD.EXE (GRAITEC INNOVATION SAS -> Graitec)
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> )
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\sern\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.116.0609.0005\FileSyncShell64.dll [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\93.0.1.0\drivefsext.dll [2024-07-08] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmiig.inf_amd64_7bbded0afca8813b\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\sern\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\stepan - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2024-06-04 16:06 - 2024-03-14 08:59 - 000925184 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adIPC.node
2024-06-04 16:06 - 2024-04-16 06:11 - 000371712 _____ () [File not signed] \\?\C:\Program Files\Autodesk\AdODIS\V1\Access\ui-plugins\ada\addons\adpUtil.node
2023-12-07 21:27 - 2023-12-07 21:27 - 001490944 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avcodec-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000949248 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avformat-58.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000635392 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\avutil-56.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000153088 _____ () [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\swresample-3.dll
2023-12-27 13:35 - 2018-06-14 13:14 - 000187392 _____ (Seiko Epson Corporation) [File not signed] C:\Windows\System32\E_YLMBSBE.DLL
2023-07-20 05:02 - 2023-07-20 05:02 - 000182784 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\EFXLM16A.DLL
2023-12-07 21:27 - 2023-12-07 21:27 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libcrypto-1_1.dll
2023-12-07 21:27 - 2023-12-07 21:27 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\sern\AppData\Roaming\BitTorrent Web\libssl-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2024-01-30 14:55 - 000003301 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
109.94.209.70 fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.pro # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks-site.org # Fake FitGirl site
109.94.209.70 fitgirls-repacks.com # Fake FitGirl site

2024-05-23 22:51 - 2024-05-23 23:13 - 000000500 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{86229055-6BF1-4C6A-A7E8-06022E37ABAB}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6C037B84-4FD4-49EA-B5A5-8C2B3C091154}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{06D5E82A-3F88-4A0E-AEA9-9D420C108C6C}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{64EC9E69-40BE-4F1B-B704-AF94284959C2}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FF4E215-7BE7-4B3B-A49F-2E79BF1EF400}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27A4B1F0-67FD-4A18-8976-4C99496C96EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DB6F32F-67D8-470B-B9FA-42CD1026AA75}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{E59B62F9-A6EE-410F-A6A0-2E3A4840261C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Starfield\Starfield.exe (Bethesda Softworks LLC -> Bethesda Softworks)
FirewallRules: [{6CE6151E-9A91-40F3-B4D6-8ECCBBA24025}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{28D2F35F-E4C8-41A2-A345-47F48FAC1258}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8097781A-072D-452B-9B39-BDBB53D65E1F}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{642E0FE9-C62B-481C-A9E2-D6C0C50BD165}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{27BBEA0B-9867-49F6-ABDE-2B584AB01909}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{C3214CD8-ACA8-49B6-B16A-2AE196941145}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{AFCEDC8A-ED57-40DF-A3EA-DAD5A122FBF6}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{D23C6C83-183B-44A1-A62E-892D959F6B1E}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{A6247405-DF49-4A2B-9CBD-6157CEBAA7EC}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{4F229F85-7228-4D8B-894A-6DF7D2EBF609}] => (Allow) C:\Users\sern\AppData\Roaming\BitTorrent Web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{7441A1AB-FE05-42B7-9AA1-EA8E3CA867EF}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [UDP Query User{2D1C3749-71CB-4FAE-94C8-E8B5EC55AD1D}E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Allow) E:\steamlibrary\steamapps\common\total war rome ii\rome2.exe (The Creative Assembly Ltd) [File not signed]
FirewallRules: [{55D28337-DC89-4351-B0DB-233DF840ED80}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{26858632-D7E4-4B5F-B22E-3C5453FADDAF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [TCP Query User{5843DE96-AA63-41EF-AA6C-FF712239BF03}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{0BE7A8C3-9411-4A40-8CE5-1D9F068285D9}E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe] => (Allow) E:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{C541978B-C5C2-4259-889F-13E15AC62D67}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{DFC3CE84-2D4D-42CF-AFC6-EC9C398EE526}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Citizen Sleeper\Citizen Sleeper.exe () [File not signed]
FirewallRules: [{0675EFC3-F184-4C16-BFBD-6FC6DEFCEC13}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{8F5141F0-E356-4C3F-975C-5638CF0699B6}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{58A43AF5-B85B-421A-AECE-52CBB95C5205}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{C73E5024-1B65-4B59-B813-37F6B483CA92}] => (Allow) D:\IQRC_Zbozinek\IQRC_Zbozinek\iqrc.exe (Amicus) [File not signed]
FirewallRules: [{1346CB28-0DA8-40DC-A4D2-AE6B7C4A912F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [{7D7C41DD-9882-4ACA-8D1B-698E677B537C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Thronefall\Thronefall.exe () [File not signed]
FirewallRules: [TCP Query User{7CA5800E-D80D-430A-8E5B-738C0305F0D0}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C5BFA08A-A9CE-4BF0-8D18-2FD250E4EA28}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8988576A-391D-4F64-BF26-8AAE0E3F17DD}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{6A9F2625-1FF6-42C4-A434-619DD01EFE33}C:\users\sern\appdata\roaming\bittorrent web\btweb.exe] => (Allow) C:\users\sern\appdata\roaming\bittorrent web\btweb.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{9BA8CE6C-7F7D-46CD-9AF0-214BCDD3C5B6}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{24254EFA-CADB-433D-8EB1-81055975A7BF}C:\users\sern\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sern\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5C4FE50-1F3D-4477-9632-07D72BF3E6CB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E49F654B-64FB-4154-8D05-4BB811D5E5F5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F37BAF61-EDBB-4358-B6BB-CC71A573DB07}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1797D77-6956-435D-BDFB-B5129342268B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3346ED86-6111-4527-955B-E29B399319EC}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{BA4FE2C5-9FED-4A25-8453-FE485C7B6DA7}D:\stažené soubory\anydesk (1).exe] => (Allow) D:\stažené soubory\anydesk (1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{F6D11E63-836D-498A-BA41-C801333EEDD7}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B393D556-B760-42EB-8547-165DF5509A70}D:\stažené soubory\anydesk.exe] => (Allow) D:\stažené soubory\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{A477061F-B61C-470E-B752-697BD99798F7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59767377-9CA0-41C4-9D60-5D9676C91D05}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{B6760911-CEDC-4EA1-8E38-929DEF0CC122}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6156591F-C198-47CD-A43B-C7D13120C824}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B280FD17-8A7F-4095-9F62-12390DC4605E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ADFF502-AFCE-428A-B903-F18B5EA7F7F8}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7238388-B972-4FEC-A331-4FEAAC1B90BF}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24152.415.2975.367_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1EFC77B-16C1-4F4C-9144-AFE298C6A496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0CC8A98E-2C63-45FD-B471-FD5E649FD741}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{531FA4BD-C702-40F3-A135-4FECB49A86A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2C9F81B0-C997-47A8-86F9-17C4B647685F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51579FF6-5859-4518-BD98-AD9D6767B4E9}] => (Allow) LPort=32683
FirewallRules: [{EB91FAAF-6F8B-4738-9424-6FD6802F18F3}] => (Allow) LPort=33683
FirewallRules: [{737A1832-A561-46DD-BE47-5D44AA0C15A9}] => (Allow) LPort=26822

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:96.8 GB) (Free:5.9 GB) (6%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2024 09:35:14 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: d94a71cd-c122-45e1-9a97-bd61c773915e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/07/2024 09:35:09 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x33d0
Čas spuštění chybující aplikace: 0x0x1dad0a4c4c57d5c
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: bef24641-586a-4bdb-9f94-d4cab05b38a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/07/2024 04:26:44 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 10.0.22621.3672 programu SystemSettings.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (07/07/2024 04:22:18 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (07/05/2024 07:59:51 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0e712c71-1995-4a50-9f34-0250fe13a824
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/05/2024 07:59:49 AM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc0020001
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0xb28
Čas spuštění chybující aplikace: 0x0x1dacea0854ef4bd
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 12acbbc0-e663-4007-8b4c-625a506a2fd8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/30/2024 07:45:52 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\Windows\system32\sysmain.dll (kód chyby Win32 126).

Error: (06/30/2024 07:15:21 PM) (Source: Application Error) (EventID: 1000) (User: KATANA)
Description: Název chybující aplikace: OneDC_Updater.exe, verze: 2.0.2211.3001, časové razítko: 0x656832f7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.3733, časové razítko: 0x44653e19
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005f39c
ID chybujícího procesu: 0x0x27c4
Čas spuštění chybující aplikace: 0x0x1dacb1112c09d85
Cesta k chybující aplikaci: C:\Users\sern\OneDrive\Dokumenty\temp\OneDC_Updater\OneDC_Updater.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: c7c5b711-a4b3-4a2a-99b8-3bbba4b1479d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (07/08/2024 03:54:35 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.

Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/07/2024 09:34:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (07/07/2024 09:32:18 PM) (Source: DCOM) (EventID: 10010) (User: KATANA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/07/2024 08:31:01 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {66e4450a-6374-4118-8edd-be0f623dcc05}, došlo k události 74.

Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/07/2024 04:23:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (07/07/2024 04:20:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:45:13, ‎05.‎07.‎2024) bylo neočekávané.


Windows Defender:
================
Date: 2024-07-08 16:05:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B493C609-E6D6-41E7-B70C-E6AFF057986A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-07-05 07:59:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E0BF917-7EA7-4A9A-847E-705497B13D49}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-07-04 17:00:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {094A6958-A4B0-400F-AC01-5E6A97E02DE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-07-01 15:38:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CA2852C3-CD89-4659-880D-287B74AC069D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-06-30 20:01:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FB38E0AA-D808-4A33-81DB-52EA70FD7A9D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-06-15 20:37:01
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2024-01-07 04:41:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2024-01-07 02:26:50
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

CodeIntegrity:
===============
Date: 2024-07-07 16:50:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.87\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-05-02 12:45:46
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-03-30 13:40:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. E1585IMS.311 09/27/2023
Motherboard: Micro-Star International Co., Ltd. MS-1585
Processor: 12th Gen Intel(R) Core(TM) i7-12650H
Percentage of memory in use: 66%
Total physical RAM: 16087.5 MB
Available physical RAM: 5452.88 MB
Total Virtual: 22604.8 MB
Available Virtual: 7557.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.8 GB) (Free:5.9 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive d: (Nový svazek) (Fixed) (Total:856.21 GB) (Free:616.47 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) (Protected) NTFS
Drive e: (ADATA SE760) (Fixed) (Total:238.46 GB) (Free:42.04 GB) (Model: ADATA SE760 SCSI Disk Device) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.61 GB) (Model: NVMe WD PC SN560 SDDPNQE-1T00-1032) FAT32

\\?\Volume{71a4a3a0-dea0-4ead-8c65-89811c074ccc}\ () (Fixed) (Total:0.74 GB) (Free:0.08 GB) NTFS
\\?\Volume{bdbcbe06-a6d5-4494-b408-f34c36c4fca8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 20694DDF)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 3DA19019)

Partition: GPT.

==================== End of Addition.txt =======================

Re: kontrola logu

Napsal: 08 črc 2024 19:53
od Buranek
Dobrý den

Prosím o kontrolu logu

Re: kontrola logu

Napsal: 08 črc 2024 20:55
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)


EmptyTemp:
Hosts:
End
Uložte do D:\Stažené soubory jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Protože provozujete torrenty a chodíte na "péčka", měl byste si pořídit nějaký lepší AV. WinDef je v tomto případě naprosto nedostatečný.

Re: kontrola logu

Napsal: 15 črc 2024 13:34
od Buranek
Fix result of Farbar Recovery Scan Tool (x64) Version: 13.07.2024
Ran by sern (15-07-2024 14:29:04) Run:1
Running from D:\Stažené soubory
Loaded Profiles: sern
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\acadlt.exe => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2024\cs-CZ\acadltficn.dll => No File
HKLM\...\.scr: Icad.load.scr => "notepad.exe" "%1" <==== ATTENTION
FirewallRules: [{742DAE49-A7F6-4638-A188-753263FED5E5}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe => No File
FirewallRules: [{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}] => (Allow) C:\Users\sern\AppData\Local\Temp\WF-7710\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe] => (Allow) D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe => No File
FirewallRules: [{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}] => (Allow) D:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{9DB5B99B-90BC-47BE-B523-F23456D38A77}] => (Allow) D:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{4099657F-91ED-4D37-9F8E-804B89EDAD9A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
FirewallRules: [{A90CB048-749E-4556-A4D0-0ACCDCA0391A}] => (Allow) D:\Program Files (x86)\AnyDesk\AnyDesk.exe => No File
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-7710 Series" (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)


EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000} => removed successfully
HKU\S-1-5-21-2758214187-3853810005-2688088550-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000} => removed successfully
HKLM\Software\Classes\.scr\\"Default"="scrfile" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{742DAE49-A7F6-4638-A188-753263FED5E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A10C0A4D-8FCD-4941-A4D3-3BFA6DE29D2C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0252E50E-5353-4FA9-87CE-46C8E98EFA8E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B5305FAD-B6A0-4905-AE82-D66F42D96DB7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{436BD932-537B-49F0-B42E-C1A0C8ADC256}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D43692EA-3BBA-4259-965A-5408EB151AB9}D:\games\warcraft iii - reforged\_retail_\x86_64\warcraft iii.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{878C7FEC-DAE4-4BD1-BB3C-1676DABFBAD9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6D1FCBB-174B-4ABB-BA58-60C7A5C0DF01}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC8D3284-97D6-4F4A-A750-AD4C73BAF6C1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9DB5B99B-90BC-47BE-B523-F23456D38A77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8948E1F8-DF4C-4283-85ED-F046C4EB40ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4099657F-91ED-4D37-9F8E-804B89EDAD9A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{588D5FDB-5252-4CDF-93AC-F6B1C7CA2A7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E6E852A-3ED0-4337-90AC-E2A2B16825FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A60AE09-48BC-4324-B8D5-E93F926EF8EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A90CB048-749E-4556-A4D0-0ACCDCA0391A}" => removed successfully
"HKU\S-1-5-21-2758214187-3853810005-2688088550-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96744757 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 328425085 B
Windows/system/drivers => 11929662 B
Edge => 0 B
Chrome => 1733280044 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 67258880 B
systemprofile32 => 67920028 B
LocalService => 67920028 B
NetworkService => 68114964 B
sern => 203404146 B

RecycleBin => 20621396 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:30:01 ====

Re: kontrola logu

Napsal: 15 črc 2024 13:50
od Rudy
Smazáno. Log by již měl být OK.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz