
suspected virus - slow system startup

Posted: 04 Sep 2024 10:06
by Hynek88
Hello,

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by PC (administrator) on DESKTOP-3CTVH0E (04-09-2024 11:01:18)
Running from C:\Users\PC\Desktop\FRST64.exe
Loaded Profiles: PC
Platform: Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) Language: Čeština (Česko)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Learsy) [File not signed] C:\Program Files (x86)\MuralPix\MpAgent.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-06-18] (Intel CASE -> Intel Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd [13463552 2021-03-23] (C-Media Corporation) [File not signed]
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2021-03-23] () [File not signed]
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2021-03-23] () [File not signed]
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech -> Logitech Inc.)
HKLM-x32\...\Run: [MuralPixAgent] => C:\Program Files (x86)\MuralPix\MpAgent.exe [102400 2006-12-30] (Learsy) [File not signed]
HKLM-x32\...\Run: [Fujitsu Mouse LX960] => C:\Program Files (x86)\Fujitsu Mouse LX960\DriverAP4.exe [1719808 2019-10-08] (Fujitsu) [File not signed]
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\Run: [Steam] => D:\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\RunOnce: [Application Restart #1] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2617368 2024-08-14] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2617368 2024-08-14] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MuralPix.scr [106496 2006-12-30] (Learsy) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\127.1.68.141\Installer\chrmstp.exe [2024-08-20] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Speedfan Startup.lnk [2021-03-28]
ShortcutTarget: Speedfan Startup.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Windows -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {537375AC-3BCB-4DA8-A137-9C2F221B2AB4} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {994B6BEA-B45A-4E3E-AC38-DCDD1E0C54B5} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {E3590E26-3B39-4010-BD33-9996CF06378F} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {FE55186A-E615-431B-BBBD-8261504D717C} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {8107BE7E-84F7-4D6D-8F47-B9073A84B3DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {6764ACC0-D2FF-4FC5-B863-AFD2E4ACC7C4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {21D76381-CEE4-4F2C-8999-295917A6CE29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {893FCD3D-C20C-43FE-BA86-9F5996DAE08C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {4873346E-F994-4239-A549-83D54B68F55B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A520474B-6BB9-44AD-A65E-1CC65A9DF36E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B47AA19F-B158-45DC-AD65-21703CB17C75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1561A16-7899-4673-8D46-83E598AF2162} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70DC0CDE-E0DF-45EF-A0A4-8C0BBBEC3A49} - System32\Tasks\Mozilla\Firefox Default Browser Agent 9388B6559483FD17 => C:\Mozilla Firefox\default-browser-agent.exe [34376 2024-09-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1091510603-4126540304-2273175986-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {1D270147-DD55-4E70-9FBD-5177E19A1EE4} - System32\Tasks\Speedfan Startup => C:\Program Files (x86)\SpeedFan\speedfan.exe [8166536 2016-06-29] (SOKNO S.R.L. -> ) -> /c start "Speedfan Startup" "C:\Program Files (x86)\SpeedFan\speedfan.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 172.21.1.1 172.21.1.2
Tcpip\..\Interfaces\{154e81dd-97c9-424e-bd8c-4ca78f603f95}: [DhcpNameServer] 192.168.5.1 172.21.1.1 172.21.1.2
Tcpip\..\Interfaces\{154e81dd-97c9-424e-bd8c-4ca78f603f95}: [DhcpDomain] lan

Edge:
=======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-04]

FireFox:
========
FF DefaultProfile: cmv64535.default-1617030860948
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\c5xkfvmc.default-1616169207305 [2024-09-04]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\16rhk66j.default-1483610832811 [2024-09-04]
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948 [2024-09-04]
FF Homepage: Mozilla\Firefox\Profiles\cmv64535.default-1617030860948 -> hxxp://www.templ.net/cesky/patrick_barta_a_kontakt.php
FF Session Restore: Mozilla\Firefox\Profiles\cmv64535.default-1617030860948 -> is enabled.
FF Extension: (Dark Reader) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\addon@darkreader.org.xpi [2024-08-28]
FF Extension: (uBlock Origin) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\uBlock0@raymondhill.net.xpi [2024-08-01]
FF Extension: (Dark space - The best dynamic theme) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\{22b0eca1-8c02-4c0d-a5d7-6604ddd9836e}.xpi [2024-01-26]
FF Extension: (Galaxy Space Theme) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\{5eae7880-dab2-4337-bc53-e4b58db7aec4}.xpi [2022-12-19]
FF Extension: (This is a sunrise) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\{8295aeba-205d-4a8a-8155-c0f8f0f959a1}.xpi [2022-11-26]
FF Extension: (Fractal Senzune Alphacoder) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\{ceefc8d7-d251-4762-bfcd-35cdeb3c52cd}.xpi [2023-03-08]
FF Extension: (Northern Lake FT by MaDonna) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cmv64535.default-1617030860948\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2021-06-02]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
StartMenuInternet: Firefox-9388B6559483FD17 - C:\Mozilla Firefox\firefox.exe

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-09-04]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (DuckDuckGo) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-07-27]
BRA Extension: (Dark Reader) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-09-03]
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2024-09-04]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-08-31]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-09-03]
BRA Extension: (Brave NTP background images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-01-31]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-09-04]
BRA Extension: (Wallet Data Files Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-30]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-09-04]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2023-08-04]
BRA Extension: (Brave NTP sponsored images) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2024-09-04]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-08-11]
BRA Extension: (Brave Ads Resources) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2024-08-29]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-09-04]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-08-28]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2024-08-30]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2023-04-15]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\127.1.68.141\elevation_service.exe [2575896 2024-08-14] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] (Intel CASE -> )
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [231120 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-11] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-11] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [3596288 2021-03-24] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2021-09-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Corporation) [File not signed]
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2021-03-23] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MZ_USBAUDIO; C:\Windows\system32\drivers\mz_usbaudio.sys [144896 2013-05-14] (DandM Holdings Inc. -> D&M Holdings Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 steamxbox; C:\Windows\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-09-04 11:01 - 2024-09-04 11:01 - 000019186 _____ C:\Users\PC\Desktop\FRST.txt
2024-09-04 10:27 - 2024-09-04 10:27 - 002397184 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2024-09-04 01:12 - 2024-09-04 08:31 - 000000000 ____D C:\Mozilla Firefox
2024-08-21 11:59 - 2024-09-02 21:16 - 000000000 ____D C:\Users\PC\Documents\MOVIES
2024-08-14 01:37 - 2024-08-14 01:37 - 000000000 ___HD C:\$WinREAgent
2024-08-08 14:13 - 2024-08-08 14:13 - 000000000 ____D C:\Users\PC\Documents\GOMPlayer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-09-04 11:01 - 2021-12-27 09:49 - 000000000 ____D C:\FRST
2024-09-04 11:00 - 2023-07-02 07:06 - 000000000 ____D C:\Users\PC\AppData\Local\Malwarebytes
2024-09-04 11:00 - 2021-03-24 21:23 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2024-09-04 11:00 - 2021-03-24 21:19 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2024-09-04 10:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-04 10:45 - 2022-02-20 14:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-09-04 10:43 - 2021-03-24 12:34 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2024-09-04 10:39 - 2024-04-05 08:57 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-09-04 10:23 - 2021-03-24 12:19 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2024-09-04 10:19 - 2021-03-24 09:57 - 000000000 ____D C:\ProgramData\NVIDIA
2024-09-04 08:15 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-04 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-09-04 07:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\WindowsApps
2024-09-03 18:25 - 2021-03-23 16:56 - 001693820 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-03 18:25 - 2019-12-07 16:41 - 000716932 _____ C:\Windows\system32\perfh005.dat
2024-09-03 18:25 - 2019-12-07 16:41 - 000145110 _____ C:\Windows\system32\perfc005.dat
2024-09-03 18:25 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-09-03 18:21 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-03 18:21 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-03 05:11 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-08-27 11:33 - 2021-03-29 13:34 - 000000000 ____D C:\Users\PC\AppData\Roaming\Vortex
2024-08-27 07:06 - 2022-10-11 19:40 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-08-27 07:06 - 2021-03-24 09:55 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-08-20 10:32 - 2021-03-24 12:12 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-08-18 15:09 - 2021-03-24 09:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2024-08-16 21:19 - 2024-01-17 16:30 - 000000000 ____D C:\Users\PC\AppData\Roaming\foobar2000-v2
2024-08-14 02:26 - 2020-09-27 07:50 - 000457552 _____ C:\Windows\system32\FNTCACHE.DAT
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\schemas
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2024-08-14 02:24 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2024-08-14 01:53 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-08-14 01:35 - 2021-03-24 09:31 - 000000000 ____D C:\Windows\system32\MRT
2024-08-14 01:33 - 2021-03-24 09:31 - 197093640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-08-09 14:37 - 2023-08-17 10:05 - 000000000 ____D C:\Users\PC\AppData\Local\vortex-updater
2024-08-08 06:50 - 2020-09-27 09:51 - 000000000 ____D C:\Windows\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-03-24 09:36 - 2021-03-24 09:36 - 000000600 _____ () C:\Users\PC\AppData\Roaming\winscp.rnd
2021-03-25 17:30 - 2021-03-25 17:31 - 000007597 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 11:06
by Rudy
Greetings!
Please also add the Addition log. It is in the file addition.txt on the desktop.

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 11:23
by Hynek88
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by PC (04-09-2024 11:02:17)
Running from C:\Users\PC\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) (2021-03-23 14:52:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1091510603-4126540304-2273175986-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1091510603-4126540304-2273175986-503 - Limited - Disabled)
Guest (S-1-5-21-1091510603-4126540304-2273175986-501 - Limited - Disabled)
PC (S-1-5-21-1091510603-4126540304-2273175986-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-1091510603-4126540304-2273175986-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20054 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 4.0 (x86) (HKLM-x32\...\Altap Salamander 4.0 (x86)) (Version: 4.0 - ALTAP)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASUS Xonar Essence ST Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 127.1.68.141 - Autoři prohlížeče Brave)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1691.6 - Piriform Software) Hidden
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
Easy Audio Extractor v. 1.0 (HKLM-x32\...\Easy Audio Extractor_is1) (Version: - Video-Easy.com)
Fallout 4 - Čeština (HKLM-x32\...\{128B0EF8-7109-4709-A619-57607BE524BB}) (Version: 1.0.1 - prekladyher.eu)
foobar2000 v2.1.1 (x64) (HKLM\...\foobar2000 (x64)) (Version: 2.1.1 - Peter Pawlowski)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.64.5328 - GOM & Company)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM\...\{B685D0AD-42A8-4A39-9BFE-8C063FA9AF29}) (Version: 10.1.1.8 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5D1BFBB8-4923-4388-9559-C86F5D9E2740}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{B434599E-E35F-4612-9803-A2FB7A8E066B}) (Version: 11.0.0.1156 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{ECA145AF-55D0-42BA-870F-4213F0198A46}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Smart Connect Technology (HKLM\...\{F46EF80D-07F0-4E56-B9B3-8EDB759B52D8}) (Version: 5.0.10.2850 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.0.1.2 (HKLM\...\{B98796CE-B0AD-498E-81E4-986FA3BB20B9}) (Version: 7.0.1.2 - The Document Foundation)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes version 5.1.6.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.6.117 - Malwarebytes)
Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{659502b7-dea8-4adc-99c4-64f141a83c2d}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30133 (HKLM-x32\...\{42667D2E-B054-46C1-9D46-2EE1332C14C1}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30133 (HKLM-x32\...\{EC9807DE-B577-47B1-A024-0251805ACF24}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\Mozilla Firefox 130.0 (x64 cs)) (Version: 130.0 - Mozilla)
Mozilla Firefox 87.0 (x64 cs) (HKLM\...\Mozilla Firefox 87.0 (x64 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
MpcStar 7.0 (HKLM-x32\...\MpcStar) (Version: 7.0 - www.mpcstar.com)
MuralPix 1.07 (HKLM-x32\...\MuralPix) (Version: - )
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Panzer Corps 2 (HKLM-x32\...\1698452155_is1) (Version: 1.02.01.01 - GOG.com)
Panzer Corps 2 Bonus scenarios (HKLM-x32\...\1545797396_is1) (Version: 1.02.01.01 - GOG.com)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
UninstallFujitsu Mouse LX960 (HKLM-x32\...\{FE95C175-92E0-45E7-B771-6C82CD64B2AE}}_is1) (Version: - Fujitsu Mouse LX960)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Audio (HKLM\...\{B500C5BD-165A-4F93-ADAB-BA9E3C071B6C}) (Version: 2.0.1 - Marantz)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.3 - Black Tree Gaming Ltd.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinArchiver (HKLM\...\WinArchiver) (Version: 5.7 - Power Software Ltd)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wooky 3.0.2.2 (HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\Wooky) (Version: 3.0.2.2 - Mobilbonus, s.r.o.)

Packages:
=========

7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2024-01-18] (Hauke Hasselberg)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-14] ()
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.74.7400.0_x64__ytsefhwckbdv6 [2024-08-18] (G5 Entertainment AB)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.5170.0_x64__8wekyb3d8bbwe [2024-05-25] (Microsoft Studios)
Microsoft Treasure Hunt -> C:\Program Files\WindowsApps\Microsoft.MicrosoftTreasureHunt_2.5.7092.0_x86__8wekyb3d8bbwe [2024-07-16] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-24] (NVIDIA Corp.)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2024-06-10] (Tiny Opener)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-01-18] (Microsoft Corporation)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1091510603-4126540304-2273175986-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1091510603-4126540304-2273175986-1001_Classes\CLSID\{4F2B02E3-DC31-489F-9FC8-B87598E9BCFC}\InprocServer32 -> C:\Mozilla Firefox\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-1091510603-4126540304-2273175986-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1091510603-4126540304-2273175986-1001_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-07-16] (Notepad++ -> )
ContextMenuHandlers1: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2024-04-14] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2024-04-14] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2024-04-14] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4_S-1-5-21-1091510603-4126540304-2273175986-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [VIDC.FFDS] => ff_vfw.dll
HKLM\...\Drivers32: [vidc.tscc] => C:\Program Files (x86)\MpcStar\Codecs\tscc\tsccvid.dll [102400 2008-07-08] (TechSmith Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) =============

2005-01-10 11:03 - 2004-05-10 14:40 - 000147456 _____ () [File not signed] C:\Program Files (x86)\MuralPix\MpImage.dll
2024-08-14 02:34 - 2024-09-04 10:23 - 000192512 _____ () [File not signed] C:\Users\PC\AppData\Local\Temp\sfamcc00001.dll
2024-08-14 02:34 - 2024-09-04 10:23 - 000158720 _____ () [File not signed] C:\Users\PC\AppData\Local\Temp\sfareca00001.dll
2005-03-16 21:17 - 2006-12-30 16:45 - 000535552 _____ (Learsy) [File not signed] C:\Program Files (x86)\MuralPix\MpApi.dll
2005-04-09 21:24 - 2006-12-30 16:47 - 000106496 _____ (Learsy) [File not signed] C:\Windows\SysWOW64\MuralPix.scr
2015-05-22 01:59 - 2015-05-22 01:59 - 001202688 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\LIBEAY32.dll
2015-05-22 01:59 - 2015-05-22 01:59 - 000306688 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-11-29 20:08 - 000000828 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\dotnet\
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\Control Panel\Desktop\\Wallpaper -> C:\foto1\infierno_hell_red_background_1321x932_desktop_1321x932_hd-wallpaper-169171.jpg
DNS Servers: 192.168.5.1 - 172.21.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Broadcom NetLink (TM) Gigabit Ethernet -> k57nd60a.sys

steamxboxndi: Steam Xbox Controller Enhanced Features Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run: => "Cmaudio8788"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "Fujitsu Mouse LX960"
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1B38B56F-40FA-445E-A85F-A19EDC28BC0D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7EFDB021-F8CA-4192-BB38-BAD2560F818F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FAB62E66-85BA-48F1-B647-9DA88CEAA711}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA034265-458D-4C38-B6FB-DEA5FD5CDEE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6AA9AA5-9D34-4A16-BB9A-CD7BCF591160}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{86C8FDBC-3C48-4227-A827-A3E40126E6D8}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9BED10CE-BC62-4E7A-BA7F-31B3C26574C2}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{286814D8-B567-46CB-979C-F75E7CF505E1}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{344689AA-FCEF-4FDE-B2ED-91FBBB141AD4}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{6122EF37-CDFD-460A-95C2-CCA56BE1007B}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{41BA48C4-2FD8-4098-9313-5C1E761D4810}] => (Allow) C:\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3709EB1-28E6-4601-BB3B-D726507856E4}] => (Allow) C:\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7D665E76-7152-4C21-B0EA-E2405AAC03AC}] => (Block) D:\Steam\steamapps\common\Fallout 4\Fallout4.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{1F8A86D2-9C65-427C-9FCE-98794E0F0E90}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{A1CAE3BA-67CD-4E85-91FC-409334F4D6D4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{7189F30F-F1F6-4535-A7E4-4DA4F3C4E3F4}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{8DF363F0-78F8-48F6-BD39-211B85F2F33D}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{40642B31-D916-4F00-8157-9965E5D35737}] => (Allow) D:\Steam\steamapps\common\Xenonauts\Xenonauts.exe () [File not signed]
FirewallRules: [{CDB3D726-A12A-46C2-8152-A7286E671071}] => (Allow) D:\Steam\steamapps\common\Xenonauts\Xenonauts.exe () [File not signed]
FirewallRules: [{E974110C-73CB-47F8-A2B8-61400BB352A1}] => (Allow) D:\Steam\steamapps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [{295B1D99-D292-417A-BA5B-FEC52C9E18BB}] => (Allow) D:\Steam\steamapps\common\Project CARS 2\pCARS2.exe (Slightly Mad Studios Ltd) [File not signed]
FirewallRules: [TCP Query User{866C3C38-49B6-4EB7-8D7F-1926F0E2C9C1}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{16B0A46E-1501-481F-A303-C986C7B678D5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B124C52C-7809-4B52-908C-359C4E45B268}] => (Allow) D:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{C8EED2A0-7674-48FD-B33D-330121CE893C}] => (Allow) D:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe () [File not signed]
FirewallRules: [{CD0617C8-D2C0-4CAE-8E1A-E32503F0A076}] => (Allow) D:\Steam\steamapps\common\IL-2 Sturmovik Cliffs of Dover Blitz\Launcher64.exe (Team Fusion Simulations Ltd. -> 1C:SoftClub)
FirewallRules: [{761D1E59-EB82-4EA6-89BF-E5FF661AC0A2}] => (Allow) D:\Steam\steamapps\common\IL-2 Sturmovik Cliffs of Dover Blitz\Launcher64.exe (Team Fusion Simulations Ltd. -> 1C:SoftClub)
FirewallRules: [{314D97EE-35A3-49F5-B05D-5594478B02A0}] => (Allow) D:\Steam\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1s Game Studios -> 1C-777 Limited)
FirewallRules: [{EABE4FDE-C836-4A17-890C-562F6A60C4E2}] => (Allow) D:\Steam\steamapps\common\IL-2 Sturmovik Battle of Stalingrad\bin\game\Il-2.exe (1s Game Studios -> 1C-777 Limited)
FirewallRules: [{FBB8CDA8-D229-41BC-B9F7-73A3ED068465}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

14-08-2024 01:38:23 Instalační služba modulů systému Windows
22-08-2024 10:27:10 Naplánovaný kontrolní bod
31-08-2024 10:16:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/04/2024 11:01:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.1306, časové razítko: 0x666a202a
Název chybujícího modulu: mbae-api-na.dll_unloaded, verze: 1.13.4.585, časové razítko: 0x65a15425
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000038d72
ID chybujícího procesu: 0x854
Čas spuštění chybující aplikace: 0x01dafea3cd57cf01
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta k chybujícímu modulu: mbae-api-na.dll
ID zprávy: bef4d4b7-dcaf-4f61-9f32-e602afd1b830
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/04/2024 11:00:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: uTorrent.exe, verze: 2.2.1.25203, časové razítko: 0x4da658c2
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.4474, časové razítko: 0xd3b202c2
Kód výjimky: 0xc000041d
Posun chyby: 0x00005e17
ID chybujícího procesu: 0x154c
Čas spuštění chybující aplikace: 0x01dafea8c162daba
Cesta k chybující aplikaci: C:\Program Files (x86)\uTorrent\uTorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: cb774c11-8216-4f78-bee6-8f1270a1f2ee
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/04/2024 03:44:44 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (09/03/2024 06:21:20 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/03/2024 06:21:20 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/02/2024 06:22:40 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/02/2024 06:22:40 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/02/2024 04:05:04 AM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/04/2024 10:47:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCleaner Performance Optimizer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/04/2024 10:44:58 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-3CTVH0E)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/04/2024 10:22:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/04/2024 07:50:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/04/2024 07:50:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800706d9): 9WZDNCRFHVJL-MICROSOFT.OFFICE.ONENOTE.

Error: (09/04/2024 06:00:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (09/03/2024 06:24:19 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (09/03/2024 06:21:20 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2024-09-04 08:26:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3980DDFB-8D65-45DA-B6E5-650A785F467A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-01 10:25:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2FD2EF5C-FE94-408A-B62F-A227DBB8C219}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-31 08:14:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DD59883C-5927-4406-9682-73D00B9D1D1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-29 07:33:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {155048F6-77EE-4011-A746-52A949AD7736}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-28 08:20:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8964E7B7-7D45-4430-9655-1ADB06625583}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-01-18 09:17:10
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2024-01-10 06:32:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.403.1918.0
Předchozí verze bezpečnostních informací: 1.403.1884.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23110.2
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2024-01-10 06:32:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.403.1918.0
Předchozí verze bezpečnostních informací: 1.403.1884.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23110.2
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2023-11-04 19:40:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.401.79.0;1.401.79.0
Verze modulu: 1.1.23100.2009

Date: 2023-10-21 17:06:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.399.1037.0;1.399.1037.0
Verze modulu: 1.1.23090.2007

CodeIntegrity:
===============
Date: 2024-09-04 11:01:20
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-09-04 11:01:16
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-05-24 17:20:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.80 07/01/2013
Motherboard: ASRock Z77 Extreme6
Processor: Intel(R) Core(TM) i5-3450 CPU @ 3.10GHz
Percentage of memory in use: 23%
Total physical RAM: 16268.1 MB
Available physical RAM: 12372.19 MB
Total Virtual: 18700.1 MB
Available Virtual: 14320.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.28 GB) (Free:17.45 GB) (Model: WDC WD2500HHTZ-04N21V0) NTFS
Drive d: (ROCOR GYM) (Fixed) (Total:931.5 GB) (Free:14.01 GB) (Model: WDC WD10EZEX-08WN4A0) NTFS
Drive h: () (Fixed) (Total:465.76 GB) (Free:23.78 GB) (Model: ST500LM0 12 HN-M500MB USB Device) NTFS

\\?\Volume{de8f403c-78c6-4da3-98dd-7c65f59081c4}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{f65d7f54-4dcf-4e60-95b6-df53b1a403eb}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0BA592B7)

Partition: GPT.

==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A345F4C7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 11:56
by Rudy
OK. Open Notepad and copy the following into it:
Start

CloseProcesses::
ContextMenuHandlers4_S-1-5-21-1091510603-4126540304-2273175986-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => -> No File
Task: {537375AC-3BCB-4DA8-A137-9C2F221B2AB4} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {994B6BEA-B45A-4E3E-AC38-DCDD1E0C54B5} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {E3590E26-3B39-4010-BD33-9996CF06378F} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {FE55186A-E615-431B-BBBD-8261504D717C} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {21D76381-CEE4-4F2C-8999-295917A6CE29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {893FCD3D-C20C-43FE-BA86-9F5996DAE08C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1091510603-4126540304-2273175986-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 12:53
by Hynek88
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by PC (04-09-2024 13:46:14) Run:7
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses::
ContextMenuHandlers4_S-1-5-21-1091510603-4126540304-2273175986-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => -> No File
Task: {537375AC-3BCB-4DA8-A137-9C2F221B2AB4} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {994B6BEA-B45A-4E3E-AC38-DCDD1E0C54B5} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {E3590E26-3B39-4010-BD33-9996CF06378F} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {FE55186A-E615-431B-BBBD-8261504D717C} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {21D76381-CEE4-4F2C-8999-295917A6CE29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {893FCD3D-C20C-43FE-BA86-9F5996DAE08C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {AADDFD4F-EBA0-472A-85F3-3120A8C81380} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1091510603-4126540304-2273175986-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1091510603-4126540304-2273175986-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Fb2kShellExt => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{537375AC-3BCB-4DA8-A137-9C2F221B2AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{537375AC-3BCB-4DA8-A137-9C2F221B2AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{994B6BEA-B45A-4E3E-AC38-DCDD1E0C54B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994B6BEA-B45A-4E3E-AC38-DCDD1E0C54B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3590E26-3B39-4010-BD33-9996CF06378F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3590E26-3B39-4010-BD33-9996CF06378F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE55186A-E615-431B-BBBD-8261504D717C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE55186A-E615-431B-BBBD-8261504D717C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{21D76381-CEE4-4F2C-8999-295917A6CE29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{21D76381-CEE4-4F2C-8999-295917A6CE29}" => removed successfully
C:\Windows\System32\Tasks\CCleaner Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{893FCD3D-C20C-43FE-BA86-9F5996DAE08C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{893FCD3D-C20C-43FE-BA86-9F5996DAE08C}" => removed successfully
"C:\Windows\System32\Tasks\CCleaner Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AADDFD4F-EBA0-472A-85F3-3120A8C81380}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADDFD4F-EBA0-472A-85F3-3120A8C81380}" => removed successfully
C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1091510603-4126540304-2273175986-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-1091510603-4126540304-2273175986-500" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11635754 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 250476779 B
Windows/system/drivers => 72249281 B
Edge => 0 B
Brave => 50159246 B
Firefox => 44730693 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 20 B
systemprofile32 => 20 B
LocalService => 20 B
NetworkService => 5946252 B
PC => 27320225 B

RecycleBin => 0 B
EmptyTemp: => 442.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-09-2024 13:50:00)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:50:00 ====

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 13:43
by Rudy
Deleted. Has anything changed?

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 13:45
by Hynek88
Yeah, it looks good. After that restart it was OK, and after the next one and the one after that too :)

It's OK, so thanks a lot!

Re: suspected virus - slow system startup

Posted: 04 Sep 2024 13:47
by Rudy
You're welcome! :)