VIRY.CZ

Můžu poprosit o kontrolu --- pomalý prohlížeč Chrome


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-12-2024 01
Ran by rossu (administrator) on DESKTOP-20BP8MR (Acer Aspire ES1-731G) (21-12-2024 13:45:38)
Running from C:\Users\rossu\Desktop\FRST64 (1).exe
Loaded Profiles: rossu
Platform: Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\101.0.3.0\crashpad_handler.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe <7>
(RuntimeBroker.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(RuntimeBroker.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\...\Run: [qBittorrent] => D:\program\qBittorrent\qbittorrent.exe [36657664 2024-11-17] (The qBittorrent Project) [File not signed]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\101.0.3.0\GoogleDriveFS.exe [61998176 2024-12-11] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-20] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8863E00E-ED58-4F3D-8660-BFDA754B3711} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-20BP8MR-rossu\SyncBackFree dok => D:\program\SyncBackFree\SyncBackFree.exe [152831944 2024-08-26] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) -> D:\program\SyncBackFree\-m -sched "dok"
Task: {B0F20476-7FE7-4AE4-9788-5B0FC731F75E} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-20BP8MR-rossu\SyncBackFree dok2 => D:\program\SyncBackFree\SyncBackFree.exe [152831944 2024-08-26] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) -> D:\program\SyncBackFree\-m -sched "dok2"
Task: {BE4A4203-A31D-4658-B380-C2D9483C59FB} - System32\Tasks\2BrightSparks\SyncBackFree\DESKTOP-20BP8MR-rossu\SyncBackFree foto => D:\program\SyncBackFree\SyncBackFree.exe [152831944 2024-08-26] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte. Ltd.) -> D:\program\SyncBackFree\-m -sched "foto"
Task: {0F413C9E-2CC9-4F5B-9814-F743DF6EC762} - System32\Tasks\CCleanerCrashReporting => E:\torrent\CCleaner Professional 6.29.11342 CZ + SK (x64) portable\program\App\CCleaner\CCleanerBugReport.exe -> --product 90 --send dumps|report --path "E:\torrent\CCleaner Professional 6.29.11342 CZ + SK (x64) portable\program\App\CCleaner\LOG" --programpath "E:\torrent\CCleaner Professional 6.29.11342 CZ + SK (x64) portable\program\App\CCleaner" --guid "沤ƶ" --version "6.29.11342" --silent
Task: {A9F8A1F7-33BF-41F7-89EF-5E54141F94B2} - System32\Tasks\Driver Booster SkipUAC (rossu) => "E:\torrent\IObit Driver Booster Pro 12.0.0.356\App\DriverBooster\DriverBooster.exe" /skipuac (No File)
Task: {D025C887-4C9D-4E64-8812-2314E040D9C4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\rossu\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-10-18] (ESET, spol. s r.o. -> ESET)
Task: {BA2A7C66-4307-4A20-A1D4-03032D099453} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\rossu\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-10-18] (ESET, spol. s r.o. -> ESET)
Task: {8B144456-05B4-40AF-9F08-396AB6B6130C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{00BD69EB-9B74-4946-A1AD-01AEED7C7DE7} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {FD038491-A30D-4686-BB6F-6B6DA48AE3BA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{06594B9B-B0AF-46D7-A639-A3F9AD9461A2} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {1C4B02E2-E221-4AD2-AD8C-C4BAFA1B4E56} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46D7CD13-D769-4EEE-9C42-77EABF3FA9CC} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {215BE1DF-4636-4FF3-8075-B9EC28B4C9B1} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {D8F59FB5-2823-448C-AFF5-A0B18EFBC128} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA491216-8DAE-4CFA-B1E1-82CF5DCC50FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C30F7A47-2A9C-46B3-9FA2-D5F511313DFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EE7D424-D715-44D3-8D1F-EB64B628E72C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47AC11F3-BE71-4C48-8C08-B0E138C1D1F6} - System32\Tasks\Trojan Remover => "D:\program\Loaris Trojan Remover\ltr.exe" (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => E:\torrent\CCleaner Professional 6.29.11342 CZ + SK (x64) portable\program\App\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{6dbce492-6c9f-4351-8da0-0b17b0f80c55}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{e44ed55f-8c92-4c79-b7b9-fc31d0698e7e}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-25]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Extension: (Překladač Google) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-11-17]
Edge Extension: (Seznam Doplněk – Email) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2024-11-17]
Edge Extension: (Pomocník pro Google Calendar ™) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bmjejnfomomknbjkohfhekplmndpannk [2024-11-17]
Edge Extension: (Plasma Integration) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2024-11-17]
Edge Extension: (Ochrana procházení internetu F-Secure) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpikpibllpjmpnchjajlibnmmomnnhnm [2024-11-17]
Edge Extension: (AddToAny: Share Anywhere) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2024-11-17]
Edge Extension: (Dokumenty Google offline) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-17]
Edge Extension: (DeftPDF) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hghnkoikialmacnjlibfmlnhhihndepb [2024-11-17]
Edge Extension: (Edge relevant text changes) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-17]
Edge Extension: (Ochrana procházení internetu F-Secure) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2024-11-17]
Edge Extension: (Button for Google Calendar) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lfjnmopldodmmdhddmeacgjnjeakjpki [2024-11-17]
Edge Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-11-17]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-11-23]
Edge Extension: (SearchGPT - ChatGPT for Chrome) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ninecedhhpccjifamhafbdelibdjibgd [2024-11-17]
Edge Extension: (Nástroj na obnovení Chromebooku) - C:\Users\rossu\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pocpnlppkickgojjlmhdmidojbmbodfm [2024-11-17]

FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\program\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-05-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> D:\program\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-05-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\program\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-05-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\program\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-05-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\program\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-05-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default [2024-12-21]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.holokolo.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-10-25]
CHR Extension: (Pomocník pro Google Calendar ™) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjejnfomomknbjkohfhekplmndpannk [2024-10-25]
CHR Extension: (Plasma Integration) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2024-10-25]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2024-10-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-12-17]
CHR Extension: (Ochrana procházení internetu F-Secure) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2024-12-04]
CHR Extension: (Button for Google Calendar) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfjnmopldodmmdhddmeacgjnjeakjpki [2024-11-12]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-10-20]
CHR Extension: (SearchGPT - ChatGPT for Chrome) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninecedhhpccjifamhafbdelibdjibgd [2024-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-20]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pocpnlppkickgojjlmhdmidojbmbodfm [2024-10-25]
CHR Profile: C:\Users\rossu\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-11-23]
CHR DefaultSearchURL: Guest Profile -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Guest Profile -> duckduckgo.com
CHR DefaultNewTabURL: Guest Profile -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Guest Profile -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2489328 2024-05-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CCleanerPerformanceOptimizerService; "E:\torrent\CCleaner Professional 6.29.11342 CZ + SK (x64) portable\program\App\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]
S3 MBAMService; "D:\program\malwarebites\MBAMService.exe" [X]
S3 MBVpnTunnelService; "D:\program\malwarebites\MBVpnTunnelService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 SpybotAntiBeaconInterceptor; C:\Program Files (x86)\Safer-Networking Ltd\Spybot Anti-Beacon\x64\Spybot3AntiBeaconService.exe --run [X]
S2 USBSafelyRemoveService; "C:\Users\rossu\Desktop\USB Safely Remove 7.0.5.1320 (x64) portable\App\USBSafelyRemove\USBSRService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [544768 2024-08-29] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [188416 2024-08-28] (Microsoft Corporation) [File not signed]
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_fd79c26dfafbe776\rt68cx21x64.sys [831320 2024-09-01] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-16] (Microsoft Windows -> Microsoft Corporation)
S4 IObitUnlocker; \??\D:\program\IObit Unlocker\IObitUnlocker.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-21 13:45 - 2024-12-21 13:48 - 000021147 _____ C:\Users\rossu\Desktop\FRST.txt
2024-12-21 13:45 - 2024-12-21 13:45 - 000000000 ____D C:\Users\rossu\Desktop\FRST-OlderVersion
2024-12-21 13:44 - 2024-12-21 13:44 - 000727012 _____ C:\Windows\system32\perfh005.dat
2024-12-21 13:44 - 2024-12-21 13:44 - 000151244 _____ C:\Windows\system32\perfc005.dat
2024-12-21 13:41 - 2024-12-21 13:41 - 000034806 _____ C:\Users\rossu\Downloads\[SkT]CCleaner_Professional_6.31.11415_CZ_ _SK_(x64)_portable.torrent
2024-12-21 13:38 - 2024-12-21 13:40 - 000001413 _____ C:\Users\rossu\Desktop\Rebůt.lnk
2024-12-21 11:20 - 2024-12-21 11:20 - 050423232 _____ C:\Users\rossu\Downloads\miflash_unlock-en-4.5.707.49.zip
2024-12-20 21:47 - 2024-12-20 21:47 - 000027231 _____ C:\Users\rossu\Downloads\(Modern Classical, Industrial, Ambient) Skrol - Dances And Marches For The Orphan Age - 2005, FLAC (image+.cue), lossless [rutracker-2260508].torrent
2024-12-20 19:02 - 2024-12-20 19:02 - 000031716 _____ C:\Users\rossu\Downloads\ops021-121455-technicky-nakres-0.pdf
2024-12-20 18:00 - 2024-12-20 18:02 - 053655000 _____ (K7 Computing Pvt Ltd) C:\Users\rossu\Desktop\K7RansomwareScn.exe
2024-12-20 17:48 - 2024-12-20 17:48 - 000000926 _____ C:\Users\rossu\Downloads\[SkT]IcoFX3_(v.3.9)(2023)(CZ).torrent
2024-12-20 17:40 - 2024-12-20 17:40 - 000015442 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E08_(CZ_EN)[WEB-DL][1080p]_=_CSFD_75%.torrent
2024-12-20 17:36 - 2024-12-20 17:36 - 000017052 _____ C:\Users\rossu\Downloads\(Industrial Rock) Marilyn Manson - One Assassination Under God Chapter 1 - 2024, MP3, 320 kbps [rutracker-6602538].torrent
2024-12-19 17:46 - 2024-12-19 17:46 - 002244741 _____ C:\Users\rossu\Downloads\Brožura Čas Vánoc 2024.pdf
2024-12-19 17:37 - 2024-12-19 17:37 - 000000000 _____ C:\Users\rossu\Desktop\zelí nemecek.txt
2024-12-17 21:32 - 2024-12-17 21:32 - 000022202 _____ C:\Users\rossu\Downloads\[TR24][OF][LDR] The Cure - Songs Of A Lost World + Songs Of A Live World Troxy London MMXXIV - 2024 (Alternative Rock, Pop Rock, [rutracker-6614986].torrent
2024-12-17 21:14 - 2024-12-17 21:14 - 000060912 _____ C:\Users\rossu\Downloads\[SkT]Vlny_(2024)(CZ)_=_CSFD_89%.torrent
2024-12-15 14:43 - 2024-12-15 16:54 - 2314013265 _____ C:\Users\rossu\Downloads\Zápisník alkoholičky (2024).mkv
2024-12-15 10:28 - 2024-12-15 10:28 - 000016747 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E07_(CZ_EN)[WEB-DL][1080p]_=_CSFD_74%.torrent
2024-12-15 10:22 - 2024-12-15 10:23 - 295344856 _____ C:\Users\rossu\Desktop\z5l1y642.exe
2024-12-15 10:10 - 2024-12-15 10:10 - 000000000 ____D C:\Users\rossu\CrossDevice
2024-12-09 20:20 - 2024-12-09 20:20 - 000214258 _____ C:\Users\rossu\Downloads\467259_3D.STEP
2024-12-09 19:55 - 2024-12-09 19:56 - 295037168 _____ C:\Users\rossu\Downloads\2h65k7iv.exe
2024-12-09 18:14 - 2024-12-09 18:14 - 000015738 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E03_(CZ_EN)[WEB-DL][1080p]_=_CSFD_74%.torrent
2024-12-09 18:14 - 2024-12-09 18:14 - 000014704 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E06_(CZ_EN)[WEB-DL][1080p]_=_CSFD_74%.torrent
2024-12-09 18:14 - 2024-12-09 18:14 - 000014055 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E04_(CZ_EN)[WEB-DL][1080p]_=_CSFD_74%.torrent
2024-12-09 18:14 - 2024-12-09 18:14 - 000013718 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E05_(CZ_EN)[WEB-DL][1080p]_=_CSFD_74%.torrent
2024-12-09 18:13 - 2024-12-09 18:13 - 000013897 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E02_(CZ_EN)[WEB-DL][1080p]_=_CSFD_73%.torrent
2024-12-09 18:13 - 2024-12-09 18:13 - 000013066 _____ C:\Users\rossu\Downloads\[SkT]Special_Ops__Lioness_S02E01_(CZ)[WEB-DL][1080p]_=_CSFD_73%.torrent
2024-12-06 18:37 - 2024-12-06 18:37 - 000022902 _____ C:\Users\rossu\Downloads\[SkT]Marie___Mary_(2024)(CZ_EN)[WEB-DL][1080p].torrent
2024-12-06 17:45 - 2024-12-06 17:45 - 000010650 _____ C:\Users\rossu\Downloads\(Rock Gothic Post Punk) The Cure - A Fragile Thing [Single] - 2024, MP3, 320 kbps [rutracker-6609248].torrent
2024-11-23 21:34 - 2024-11-23 21:34 - 000000000 ____D C:\Users\rossu\AppData\Roaming\OpenOffice
2024-11-23 21:33 - 2024-11-23 21:33 - 000000000 ___SD C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.15
2024-11-23 21:31 - 2024-11-23 21:32 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2024-11-23 21:20 - 2024-11-25 17:20 - 000002444 _____ C:\Windows\system32\Tasks\Trojan Remover
2024-11-23 21:06 - 2024-11-23 21:06 - 000000000 ____D C:\Users\rossu\Documents\Simply Super Software
2024-11-23 18:42 - 2024-11-23 18:42 - 000388608 _____ (Trend Micro Inc.) C:\Users\rossu\Desktop\hijackthis.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-21 13:49 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-12-21 13:47 - 2024-11-17 10:36 - 000000000 ____D C:\FRST
2024-12-21 13:45 - 2024-11-17 10:32 - 002403840 _____ (Farbar) C:\Users\rossu\Desktop\FRST64 (1).exe
2024-12-21 13:44 - 2024-08-28 19:48 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-21 13:44 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-12-21 13:43 - 2024-08-29 18:10 - 000000000 ____D C:\Users\rossu\AppData\Roaming\qBittorrent
2024-12-21 13:39 - 2024-08-28 19:55 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-12-21 13:39 - 2024-08-28 19:55 - 000000000 __SHD C:\Users\rossu\IntelGraphicsProfiles
2024-12-21 13:39 - 2024-08-28 19:29 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-21 13:39 - 2024-08-28 19:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-21 13:38 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-12-21 12:51 - 2024-08-28 19:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-21 12:50 - 2024-08-28 19:41 - 000000000 ___SD C:\Users\rossu\AppData\Roaming\Microsoft\Credentials
2024-12-21 09:14 - 2024-08-28 19:30 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-21 09:14 - 2024-08-28 19:30 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-20 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-12-20 17:50 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-20 17:43 - 2024-08-28 19:30 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-19 19:00 - 2024-09-02 16:11 - 000000000 ____D C:\Users\rossu\AppData\Local\CrashDumps
2024-12-19 18:14 - 2024-10-18 18:34 - 000001382 _____ C:\Users\rossu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-12-19 18:14 - 2024-10-18 18:34 - 000001276 _____ C:\Users\rossu\Desktop\ESET Online Scanner.lnk
2024-12-17 21:21 - 2024-08-28 19:41 - 000000000 ____D C:\Users\rossu\AppData\Local\Packages
2024-12-15 22:21 - 2024-08-28 19:41 - 000000000 ____D C:\Users\rossu
2024-12-15 10:38 - 2024-08-28 19:29 - 000446528 _____ C:\Windows\system32\FNTCACHE.DAT
2024-12-15 10:37 - 2023-10-01 08:01 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-12-15 10:37 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-12-11 20:18 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-12-11 19:29 - 2024-08-29 18:09 - 000002048 _____ C:\Users\rossu\Desktop\Google Drive.lnk
2024-12-09 23:21 - 2024-08-28 19:43 - 000000000 ____D C:\Users\rossu\AppData\Local\D3DSCache
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2024-11-29 22:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-29 22:25 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-11-29 22:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-29 22:25 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-11-29 20:07 - 2022-05-07 06:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-11-29 20:07 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-11-29 20:00 - 2024-08-28 19:31 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-25 19:38 - 2024-10-07 15:28 - 000000000 ____D C:\Users\rossu\AppData\Roaming\Microsoft\MMC
2024-11-23 21:23 - 2024-11-04 18:37 - 000000000 ____D C:\Users\rossu\AppData\Roaming\USBSafelyRemove
2024-11-23 20:44 - 2024-11-02 18:04 - 000000972 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-11-23 18:43 - 2024-09-02 15:26 - 000000000 ____D C:\Users\rossu\AppData\Local\VirtualStore
2024-11-23 17:52 - 2024-11-02 18:04 - 000003320 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-11-23 17:52 - 2024-11-02 17:21 - 000002840 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (rossu)

==================== Files in the root of some directories ========

2024-09-08 13:28 - 2024-09-08 13:28 - 000004097 _____ () C:\Users\rossu\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

a tady addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-12-2024 01
Ran by rossu (21-12-2024 13:52:49)
Running from C:\Users\rossu\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4602 (X64) (2024-08-28 18:36:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1982769764-3492556622-4078228296-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1982769764-3492556622-4078228296-503 - Limited - Disabled)
Guest (S-1-5-21-1982769764-3492556622-4078228296-501 - Limited - Disabled)
rossu (S-1-5-21-1982769764-3492556622-4078228296-1000 - Administrator - Enabled) => C:\Users\rossu
WDAGUtilityAccount (S-1-5-21-1982769764-3492556622-4078228296-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2024.2.3.25184 - Foxit Software Inc.)
GIMP 2.10.38 (HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 101.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4352 - Intel Corporation)
Microsoft .NET Host - 6.0.33 (x64) (HKLM\...\{8584855C-3B2B-4F95-BE1D-CCA5B6DE2815}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.33 (x64) (HKLM\...\{62A8E894-9FD1-45A0-A4D0-BD9FA854818D}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.33 (x64) (HKLM\...\{07BE9B02-0247-471C-B06F-A3B1A8FA9216}) (Version: 48.132.18378 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM\...\{A59F43A6-AADB-42EB-883B-2FE4E3AA3A69}) (Version: 48.132.18374 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.33 (x64) (HKLM-x32\...\{ecb94bc3-963d-412a-b141-8b7c32ef103f}) (Version: 6.0.33.33916 - Microsoft Corporation)
OpenOffice 4.1.15 (HKLM-x32\...\{45B154A5-9E97-452F-94DE-08EBE6BD0D85}) (Version: 4.115.9813 - Apache Software Foundation)
Pomocník s instalací Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.2 - The qBittorrent project)
Revo Uninstaller Pro 5.3.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.0 - VS Revo Group, Ltd.)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 11.3.45.0 - 2BrightSparks)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WYSIWYG Web Builder 17 [K] (HKLM\...\{C8835F97-5C58-4CC1-8258-C7F5E9F5371B}_is1) (Version: 17.1.1 - K-Repack)
Zoner Photo Studio X version 19.2303.2.447 (HKLM-x32\...\{0311A37E-1930-4CE3-9CE4-C6DE25589E1B}_is1) (Version: 19.2303.2.447 - )

Packages:
=========
Arc -> C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.22.0.53689_x64__ttt1ap7aakyb4 [2024-10-05] (The Browser Company of New York)
fre:ac - free audio converter -> C:\Program Files\WindowsApps\17479thefreacproject.freac-freeaudioconverter_1.1.7000.0_x64__b4f9ysynd7xvm [2024-10-28] (the fre:ac project)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-09-02] (Microsoft Corp.)
WinRAR -> D:\program\WinRAR 7.01 CZ (x32x64) portable\App\WinRAR64 [2024-09-07] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1982769764-3492556622-4078228296-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-13] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-13] (Adobe Inc. -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\101.0.3.0\drivefsext.dll [2024-12-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\igfxDTCM.dll [2024-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-13] (Adobe Inc. -> )
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\rossu\Desktop\Google Drive.lnk -> C:\Program Files\Google\Drive File Stream\launch.bat ()

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2024-11-18 23:44 - 000000873 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Users\rossu\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\Control Panel\Desktop\\Wallpaper -> c:\users\rossu\pictures\sotu.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Qualcomm Atheros AR956x Wireless Network Adapter -> athw10x.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_7434B22AF5F101868BBBB0D3FE00BC41"
HKU\S-1-5-21-1982769764-3492556622-4078228296-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{369ACD29-8B52-417E-B01D-55C7655AC4B8}] => (Allow) C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.22.0.53689_x64__ttt1ap7aakyb4\Arc.exe (THE BROWSER COMPANY OF NEW YORK INC. -> )
FirewallRules: [{50ABCF62-2743-4E28-BA94-FFC9A8D75E56}] => (Allow) C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.22.0.53689_x64__ttt1ap7aakyb4\Arc.exe (THE BROWSER COMPANY OF NEW YORK INC. -> )
FirewallRules: [{ECA92C28-48D5-4907-B91F-80846756C2D5}] => (Allow) D:\program\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{CD54D6F4-96B5-4C0A-873D-F9AD08F4345D}] => (Allow) D:\program\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{8293E142-B6B1-41AD-9A5B-75297D0EE97A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6BF84BED-64D7-4C84-AC2E-BAEA1B96F700}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

04-12-2024 17:25:23 Windows Update
09-12-2024 18:56:19 Windows Update
15-12-2024 10:16:10 Windows Update
19-12-2024 18:28:10 Windows Update
19-12-2024 18:28:38 Windows Update
21-12-2024 11:02:19 před root 9A

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2024 09:49:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/17/2024 09:49:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/17/2024 09:49:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/17/2024 09:49:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/09/2024 07:00:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/09/2024 07:00:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/09/2024 07:00:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/09/2024 07:00:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro D:\program\Zoner Photo Studio X\Zps.exe se nezdařilo.
Závislé sestavení ZpsCOMLib,processorArchitecture="msil",version="1.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (12/21/2024 01:39:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba USBSafelyRemoveService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/21/2024 10:49:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba USBSafelyRemoveService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/21/2024 09:26:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-20BP8MR)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/21/2024 09:26:43 AM) (Source: googledrivefs31626) (EventID: 2) (User: )
Description: Mount point was still not assigned after forcing.

Error: (12/21/2024 09:26:43 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku ?? bylo zjištěno poškození.

Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x1000000000000. Název souboru je <nelze určit název souboru>.

Error: (12/21/2024 09:26:43 AM) (Source: googledrivefs31626) (EventID: 2) (User: )
Description: Warning: mount point creation is being forced.

Error: (12/21/2024 09:25:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba USBSafelyRemoveService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/21/2024 09:11:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba USBSafelyRemoveService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2024-12-20 18:15:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F54572A8-BD6F-4D39-9606-5776E83B5A61}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-12-15 15:56:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EF1444E8-4495-4065-B432-DAB8735BC2BE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-12-09 19:09:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6BEB5909-10A1-45CC-AAE0-8D5CD1432713}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-12-04 18:44:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7FC9A102-75D2-44D1-8E9C-2A507D6A3658}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-30 18:56:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Enumplus
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_F:\pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-20BP8MR\rossu
Název procesu: D:\linux\rufus-4.6.exe
Verze bezpečnostních informací: AV: 1.421.561.0, AS: 1.421.561.0, NIS: 1.421.561.0
Verze modulu: AM: 1.1.24090.11, NIS: 1.1.24090.11
Event[0]

Date: 2024-11-23 21:09:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.421.443.0
Předchozí verze bezpečnostních informací: 1.421.441.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24090.11
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2024-11-23 21:09:36
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.421.443.0
Předchozí verze bezpečnostních informací: 1.421.441.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24090.11
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2024-11-23 21:09:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.441.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2024-11-17 11:14:05
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.421.334.0
Předchozí verze bezpečnostních informací: 1.421.333.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24090.11
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2024-11-17 11:14:05
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.421.334.0
Předchozí verze bezpečnostních informací: 1.421.333.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24090.11
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-10-20 17:22:22
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-10-20 16:19:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume7\program\malwarebites\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2024-10-20 16:10:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume7\program\malwarebites\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V1.03 04/20/2015
Motherboard: Acer Tashigi_BA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 76%
Total physical RAM: 4009.76 MB
Available physical RAM: 944.68 MB
Total Virtual: 8873.76 MB
Available Virtual: 5027.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:445.37 GB) (Free:371.59 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: (program) (Fixed) (Total:385.65 GB) (Free:272.29 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive e: (dokument) (Fixed) (Total:545.87 GB) (Free:242.24 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:13.97 GB) (Model: KINGSTON SA400S37480G) FAT32

\\?\Volume{4b9d5381-3ac7-4771-8439-456dc87e904a}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{1e7ba619-44e6-4ac7-bb7a-fb93f42a6b0b}\ () (Fixed) (Total:0.8 GB) (Free:0.11 GB) NTFS
\\?\Volume{2f2a4a8d-1a5d-4744-91d4-dddc031369c2}\ () (Fixed) (Total:0 GB) (Free:0 GB)
\\?\Volume{7a5c7e02-fac7-4092-a97b-85151bbf95ed}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 0F17B634)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0382F705)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
F:\pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb
GroupPolicy: Restriction ? <==== ATTENTION
Task: {A9F8A1F7-33BF-41F7-89EF-5E54141F94B2} - System32\Tasks\Driver Booster SkipUAC (rossu) => "E:\torrent\IObit Driver Booster Pro 12.0.0.356\App\DriverBooster\DriverBooster.exe" /skipuac (No File)
Task: {8B144456-05B4-40AF-9F08-396AB6B6130C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{00BD69EB-9B74-4946-A1AD-01AEED7C7DE7} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {FD038491-A30D-4686-BB6F-6B6DA48AE3BA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{06594B9B-B0AF-46D7-A639-A3F9AD9461A2} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {1C4B02E2-E221-4AD2-AD8C-C4BAFA1B4E56} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46D7CD13-D769-4EEE-9C42-77EABF3FA9CC} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

..ok děkuji -tady-

...a vypadá to lepší

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-12-2024 01
Ran by rossu (21-12-2024 17:22:42) Run:1
Running from C:\Users\rossu\Desktop
Loaded Profiles: rossu
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
F:\pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb
GroupPolicy: Restriction ? <==== ATTENTION
Task: {A9F8A1F7-33BF-41F7-89EF-5E54141F94B2} - System32\Tasks\Driver Booster SkipUAC (rossu) => "E:\torrent\IObit Driver Booster Pro 12.0.0.356\App\DriverBooster\DriverBooster.exe" /skipuac (No File)
Task: {8B144456-05B4-40AF-9F08-396AB6B6130C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{00BD69EB-9B74-4946-A1AD-01AEED7C7DE7} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {FD038491-A30D-4686-BB6F-6B6DA48AE3BA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{06594B9B-B0AF-46D7-A639-A3F9AD9461A2} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {1C4B02E2-E221-4AD2-AD8C-C4BAFA1B4E56} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46D7CD13-D769-4EEE-9C42-77EABF3FA9CC} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
U0 Partizan; system32\drivers\Partizan.sys [X]
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
"F:\pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb" => not found

"C:\Windows\system32\GroupPolicy\Machine" Folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F8A1F7-33BF-41F7-89EF-5E54141F94B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F8A1F7-33BF-41F7-89EF-5E54141F94B2}" => removed successfully
C:\Windows\System32\Tasks\Driver Booster SkipUAC (rossu) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (rossu)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B144456-05B4-40AF-9F08-396AB6B6130C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B144456-05B4-40AF-9F08-396AB6B6130C}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{00BD69EB-9B74-4946-A1AD-01AEED7C7DE7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{00BD69EB-9B74-4946-A1AD-01AEED7C7DE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD038491-A30D-4686-BB6F-6B6DA48AE3BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD038491-A30D-4686-BB6F-6B6DA48AE3BA}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{06594B9B-B0AF-46D7-A639-A3F9AD9461A2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{06594B9B-B0AF-46D7-A639-A3F9AD9461A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C4B02E2-E221-4AD2-AD8C-C4BAFA1B4E56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C4B02E2-E221-4AD2-AD8C-C4BAFA1B4E56}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46D7CD13-D769-4EEE-9C42-77EABF3FA9CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{46D7CD13-D769-4EEE-9C42-77EABF3FA9CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully
Partizan => service removed successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15012962 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 893259 B
Edge => 0 B
Chrome => 45370610 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 662290 B
NetworkService => 662290 B
rossu => 1645890 B

RecycleBin => 8105 B
EmptyTemp: => 61.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:23:44 ====

Bylo smazáno. Pokud by to bylo ještě málo, udělejte defragmentaci disku a smažte cache prohlížeče.

Rudy píše: 21 pro 2024 18:43 Bylo smazáno. Pokud by to bylo ještě málo, udělejte defragmentaci disku a smažte cache prohlížeče.

Děkuju moc, vypadá to mnohem lépe...

A přeju pěkné sváteční dny

Veselé Vánoce a PF 2025! Nemáte zač!