Nelze spustit windows defender Vyřešeno

[PARKR]

Zdravím , po včerejší údržbě/čistění v sekci HiJackThis na mne skáče neustále okno ohledně antiviru . Nevím co s tím .Může některý z rádců pomoci ? Děkuji
Prosím o delete duplicitního tématu . Protože po restartu PC se chybová hláška objevila zase . žádný antivir jinak nemám nainstalovaný .

[Reklama]

[jaro3]

Psal si že je vše OK..

Stáhni si Security Check by screen317 z některého odkazu
http://www.bleepingcomputer.com/download/securitycheck/
https://www.bleepingcomputer.com/downlo ... ritycheck/

http://screen317.spywareinfoforum.org/SecurityCheck.exe
http://screen317.changelog.fr/SecurityCheck.exe

ulož si ho na plochu, poklepej na něj a postupuj podle instrukcí v černém okně. Potom se automaticky otevře pozn. Blok, bude mít název checkup.txt. Jeho obsah sem prosím zkopíruj.

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[PARKR]

Stahl jsem program SecurityCheck , ale po spuštění vyhodí tuto hlášku .

stáhl jsem odtud snad nevadí https://www.majorgeeks.com/files/details/securitycheck_f5a9.html

[jaro3]

Tak security check vynech a udělej rovnou FRST.

[PARKR]

SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21]
WebSite: http://www.safezone.cc
DateLog: 19.12.2023 20:30:19
Path starting: C:\Users\Roman\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Roman
VersionXML: 10.78is-10.11.2023
___________________________________________________________________________

Windows 10(6.3.19045) (x64) Professional Release: 2009 Lang: 0405
Installation date OS: 28.11.2023 17:33:13
LicenseStatus: Windows(R), Professional edition Volume activation will expire : 230237 minutes
LicenseStatus: Office 16, Office16ProPlusVL_KMS_Client edition Volume activation will expire : 230237 minutes
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
SystemDrive: C: FS: [NTFS] Capacity: [110.9 Gb] Used: [80 Gb] Free: [30.9 Gb]
------------------------------- [ Windows ] -------------------------------
User Account Control enabled (Level 3)
Never check for updates
Centrum zabezpečení (wscsvc) - The service is running
Vzdálený registr (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Vzdálená plocha (TermService) - The service has stopped
Vzdálená správa systému Windows (WS-Management) (WinRM) - The service has stopped
------------------------------- [ HotFix ] --------------------------------
HotFix KB5031356 Warning! Download Update
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (disabled)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall v programu Windows Defender (mpssvc) - The service is running
Disabled the public profile of Windows Firewall
Disabled the standard profile for Windows Firewall
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Malwarebytes version 4.6.5.293 v.4.6.5.293 Warning! Download Update
--------------------------- [ OtherUtilities ] ----------------------------
AMD Software v.23.8.2 Warning! Download Update
LibreOffice 5.4.7.2 v.5.4.7.2 Warning! Download Update
Steam v.2.10.91.91
------------------------------- [ Backup ] --------------------------------
Google Drive v.85.0.26.0 [+]
Microsoft OneDrive v.23.246.1127.0002 [+]
------------------------------ [ ArchAndFM ] ------------------------------
7-Zip 21.07 (x64) v.21.07 Warning! Download Update
Uninstall old version and install new one.
WinRAR 5.90 (64-bit) v.5.90.0 Warning! Download Update
7-Zip 22.00 (x64 edition) v.22.00.00.0 Warning! Download Update
Uninstall old version and install new one.
WinRAR 5.50 64bit CZ Full verze 5.50 v.5.50 Warning! Download Update
---------------------------- [ ProxyAndVPNs ] -----------------------------
Kaspersky Secure Connection v.18.0.0.405
-------------------------------- [ Media ] --------------------------------
VLC media player v.3.0.16 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Shockwave Player 12.2 v.12.2.2.172 Warning! This software is no longer supported. Please uninstall it.
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 72.0.2 (x64 cs) v.72.0.2 Warning! Download Update
Google Chrome v.120.0.6099.110 [+]
Microsoft Edge v.120.0.2210.77 [+]
Opera Stable 105.0.4970.48 v.105.0.4970.48 [+]
Opera Stable 70.0.3728.133 v.70.0.3728.133 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
Malwarebytes Service (MBAMService) - The service has stopped
Služba Antivirová ochrana v programu Microsoft Defender (WinDefend) - The service has stopped
Služba kontroly sítě v Antivirové ochraně v programu Microsoft Defender (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
CCleaner v.6.19 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Wise Care 365 4.81 v.4.81 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Wise Game Booster 1.39 v.1.39 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
Wise Memory Optimizer 3.5.2 v.3.5.2 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
YTD Video Downloader Pro 4.1 v.4.1 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
DriverGenius v.1.0.0 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program.
UmmyVideoDownloader v.1.10.3.1 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------

[PARKR]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-12-2023
Ran by Roman (administrator) on ROMAN (MSI MS-7971) (19-12-2023 20:41:21)
Running from C:\Users\Roman\Desktop\FRST64 (1).exe
Loaded Profiles: Roman
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\105.0.4970.48\opera_crashreporter.exe
(DriverStore\FileRepository\u0397033.inf_amd64_bf2b1fc18ba7195d\B396953\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0397033.inf_amd64_bf2b1fc18ba7195d\B396953\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <28>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0397033.inf_amd64_bf2b1fc18ba7195d\B396953\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Chickadee Digital, LLC -> Chickadee Digital LLC) C:\Program Files (x86)\OneBrowser\Update\OBUpdateService.exe
(services.exe ->) (Lespeed Technology Ltd. -> WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Roman\AppData\Local\Microsoft\OneDrive\23.246.1127.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\Run: [MicrosoftEdgeAutoLaunch_66D161819F0EAC1A9819F518A968ED0B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2023-12-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\MountPoints2: {fd953d6f-8e13-11ee-9142-4ccc6a6d0ec0} - "F:\setup.exe"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\85.0.26.0\GoogleDriveFS.exe [58654496 2023-12-18] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\WINDOWS\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.110\Installer\chrmstp.exe [2023-12-19] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * avgBoot.exe /M:6de394024a /dir:"C:\Program Files\AVG\Antivirus"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E79460D9-8FED-4AC1-87B4-10EF2351AEA4} - System32\Tasks\{530F65A9-5287-4B5F-83F4-98E3FF9F55D8} => C:\Windows\system32\pcalua.exe [53760 2023-11-30] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\Roman\Desktop\zoek1\zoek (1).exe" -d C:\Users\Roman\Desktop\zoek1
Task: {B39ADC6B-ADF2-40AA-BAC5-4F38E59F4B1C} - System32\Tasks\{977C5418-B343-424B-A9C2-8A0F33BD3106} => C:\Windows\system32\pcalua.exe [53760 2023-11-30] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" -c uninstall_game -autologging
Task: {F590873F-8C30-4A97-AD15-40EAC678EF09} - System32\Tasks\{B5A7E01A-B572-4972-8D70-EED030CA29B2} => C:\Windows\system32\pcalua.exe [53760 2023-11-30] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Roman\Desktop\zoek1\zoek1\zoek.exe -d C:\Users\Roman\Desktop\zoek1\zoek1
Task: {74D6DED2-14C2-4B85-BCE9-A11BB4F29F4F} - System32\Tasks\{C30BB5A5-9E23-444F-A450-A9CB8B282090} => C:\Windows\system32\pcalua.exe [53760 2023-11-30] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\Roman\Desktop\čištění PC\zoek\zoek1\zoek (1).exe" -d "C:\Users\Roman\Desktop\čištění PC\zoek\zoek1"
Task: {B4417120-B076-41FE-9795-089FD917282A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {3BAAFCD7-0797-4F4D-A341-DE309B35ACA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F64CB0C8-D01F-4E8B-BED7-D201E5CA27D8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ff23339d-bb51-42b1-885a-9cdbee020fb3" --version "6.19.10858" --silent
Task: {719025DA-4265-458A-8169-1E1B244096D9} - System32\Tasks\CCleanerSkipUAC - Roman => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7DB76F60-B46D-476C-A3D5-097F5D94C7FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Task: {A68A477E-0EE5-4B83-8CC3-8FF5BA879940} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Task: {153A89E5-00C3-43EB-8F0B-DC9461911F2F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {7624807A-11DE-462C-9665-E9FAF775EA2C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {3258B303-F753-48DC-BCC6-53988F7B7557} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C02ABF01-AD67-4206-8036-322C3AC7E3F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139656 2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {160E0086-DC3C-476C-816D-6DA4B4A466C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {92E37D2E-6720-4653-8F09-88F7F9B97C61} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8386448 2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {3A3C87CD-8411-4B19-A4D6-5EA71EF5CC51} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {0CCDBB7E-021A-4DEA-9644-F852928E7E4F} - System32\Tasks\Opera scheduled assistant Autoupdate 1583089720 => C:\Program Files\Opera\launcher.exe [2353056 2023-12-13] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {AFBCA974-40A9-4026-95A4-C726A1F9C990} - System32\Tasks\Opera scheduled Autoupdate 1516182081 => C:\Program Files\Opera\launcher.exe [2353056 2023-12-13] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.16.32.3 93.93.32.32 93.93.33.33
Tcpip\..\Interfaces\{6C0FD1B0-B1B2-456A-ABA1-B65612D05AAF}: [DhcpNameServer] 172.16.32.3 93.93.32.32 93.93.33.33
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-19]
Edge Extension: (Dokumenty Google offline) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-19]
Edge Extension: (Online Security) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jcpgbnbdnakoblgfkbgggankeidkfcdl [2023-12-19]
Edge Extension: (Edge relevant text changes) - C:\Users\Roman\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-19]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]

FireFox:
========
FF DefaultProfile: wbssuqo1.default
FF ProfilePath: C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\wbssuqo1.default [2023-12-19]
FF Homepage: Mozilla\Firefox\Profiles\wbssuqo1.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\wbssuqo1.default -> about:newtab
FF Extension: (AdBlock) - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\wbssuqo1.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3164086441-1288322857-271608641-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S3 CPUMonitor; C:\Windows\nssm.exe [331264 2014-08-31] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-12-02] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11385960 2023-12-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [9341488 2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
S3 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2286032 2017-03-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 obupdate; C:\Program Files (x86)\OneBrowser\Update\OBUpdateService.exe [3306400 2023-12-17] (Chickadee Digital, LLC -> Chickadee Digital LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2022-11-05] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [658600 2017-07-06] (Lespeed Technology Ltd. -> WiseCleaner.com)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0397033.inf_amd64_bf2b1fc18ba7195d\B396953\amdkmdag.sys [106378272 2023-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 aswTap; C:\WINDOWS\system32\DRIVERS\aswTap.sys [53904 2018-02-13] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2336008 2023-12-05] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-11-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-11-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2018-02-11] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
S3 kltap; C:\WINDOWS\system32\DRIVERS\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55744 2023-11-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-28] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S4 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-28] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [33864 2018-02-13] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\Windows\WiseRegNotify.sys [51272 2018-02-12] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
S3 WiseUnlock; C:\Windows\WiseUnlock64.sys [33864 2018-02-13] (Beijing Lang Xingda Network Technology Co., Ltd -> WiseCleaner.com)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-19 20:41 - 2023-12-19 20:41 - 000021375 _____ C:\Users\Roman\Desktop\FRST.txt
2023-12-19 20:40 - 2023-12-19 20:41 - 000000000 ____D C:\FRST
2023-12-19 20:40 - 2023-12-19 20:40 - 002387456 _____ (Farbar) C:\Users\Roman\Desktop\FRST64 (1).exe
2023-12-19 20:40 - 2023-12-19 20:40 - 000000000 ____D C:\Users\Roman\Desktop\FRST-OlderVersion
2023-12-19 20:30 - 2023-12-19 20:30 - 000547892 _____ (glax24 (safezone.cc)) C:\Users\Roman\Downloads\SecurityCheck (1).exe
2023-12-19 20:28 - 2023-12-19 20:30 - 000000000 ____D C:\SecurityCheck
2023-12-19 20:28 - 2023-12-19 20:28 - 000547892 _____ (glax24 (safezone.cc)) C:\Users\Roman\Downloads\SecurityCheck.exe
2023-12-19 20:28 - 2023-12-19 20:28 - 000518860 _____ (glax24 (safezone.cc)) C:\Users\Roman\Desktop\SecurityCheck (1).exe
2023-12-19 19:53 - 2023-12-19 19:53 - 000001852 _____ C:\Users\Roman\Desktop\SecurityCheck.exe
2023-12-19 17:48 - 2023-12-19 17:48 - 000226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2023-12-19 17:48 - 2023-12-19 17:48 - 000214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2023-12-19 17:01 - 2023-12-19 17:01 - 000000000 ___SD C:\WINDOWS\system32\containers
2023-12-19 17:01 - 2023-12-19 17:01 - 000000000 ____D C:\WINDOWS\system32\HvsiSettingsProviders
2023-12-19 16:54 - 2023-12-19 16:57 - 000060562 _____ C:\WINDOWS\ZAM.krnl.trace
2023-12-19 16:28 - 2023-12-19 16:28 - 000000646 _____ C:\DelFix.txt
2023-12-19 16:16 - 2023-12-19 19:01 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2023-12-19 10:58 - 2023-12-19 10:58 - 000000000 ____D C:\Users\Roman\AppData\Local\OneDrive
2023-12-19 07:22 - 2023-12-19 07:22 - 000000000 ____D C:\Users\Roman\AppData\Local\cache
2023-12-19 06:36 - 2023-12-19 06:36 - 005114192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-19 06:31 - 2023-12-19 06:31 - 000000000 ____D C:\ProgramData\Piriform
2023-12-19 06:06 - 2023-12-19 06:06 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-12-19 06:05 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2023-12-18 07:08 - 2023-12-18 07:08 - 000000000 ____D C:\Users\Roman\AppData\Roaming\FLT
2023-12-18 07:07 - 2023-12-19 08:16 - 000000994 _____ C:\Users\Roman\Desktop\Crysis 3 Remastered.lnk
2023-12-18 06:22 - 2023-12-18 06:22 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-12-18 06:04 - 2023-12-18 06:04 - 000000925 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2023-12-18 06:04 - 2023-12-18 06:04 - 000000000 ____D C:\Users\Roman\AppData\Roaming\addpcs
2023-12-18 06:04 - 2023-12-18 06:04 - 000000000 ____D C:\Program Files\Temp File Cleaner
2023-12-18 05:48 - 2023-12-18 05:48 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\AMD
2023-12-17 20:11 - 2023-12-17 20:11 - 000000000 ____D C:\ProgramData\AMD
2023-12-17 20:07 - 2023-08-29 16:37 - 000721344 _____ C:\WINDOWS\system32\hiprt0200064.dll
2023-12-17 20:07 - 2023-08-29 15:42 - 031938072 _____ C:\WINDOWS\system32\hiprt02000_amd.hipfb
2023-12-17 20:07 - 2023-08-29 15:42 - 023302232 _____ C:\WINDOWS\system32\hiprt02000_nv.fatbin
2023-12-17 20:07 - 2023-08-29 15:42 - 002433848 _____ C:\WINDOWS\system32\oro_compiled_kernels.hipfb
2023-12-17 20:07 - 2023-08-29 15:42 - 002000584 _____ C:\WINDOWS\system32\oro_compiled_kernels.fatbin
2023-12-17 19:39 - 2023-12-17 19:39 - 000000000 ___HD C:\$SysReset
2023-12-17 17:35 - 2023-12-19 19:01 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-17 17:35 - 2023-12-17 18:47 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-17 16:46 - 2023-12-17 16:46 - 000000000 ____D C:\Users\Roman\AppData\Local\OneBrowser
2023-12-17 16:39 - 2023-12-17 16:39 - 000000000 ___HD C:\$AV_AVG
2023-12-17 16:38 - 2023-12-17 16:38 - 000314304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-12-17 16:37 - 2023-12-17 16:45 - 000000000 ____D C:\ProgramData\AVG
2023-12-17 16:37 - 2023-12-17 16:39 - 000000000 ____D C:\Program Files (x86)\progIqUE
2023-12-17 16:37 - 2023-12-17 16:37 - 000000000 ____D C:\Users\Roman\AppData\Local\Gh
2023-12-17 16:35 - 2023-12-17 16:35 - 000002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneBrowser.lnk
2023-12-17 16:35 - 2023-12-17 16:35 - 000001090 _____ C:\Users\Roman\Downloads\install.exe.lnk
2023-12-17 16:35 - 2023-12-17 16:35 - 000000000 ____D C:\Program Files (x86)\OneBrowser
2023-12-17 09:21 - 2023-12-17 09:21 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3164086441-1288322857-271608641-1001
2023-12-17 09:21 - 2023-12-17 09:21 - 000002377 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-12-16 15:50 - 2023-12-16 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monkey's Audio
2023-12-16 15:50 - 2023-12-16 15:50 - 000000000 ____D C:\Program Files (x86)\Monkey's Audio
2023-12-16 15:50 - 2015-03-24 20:55 - 000445952 _____ (Matthew T. Ashland) C:\WINDOWS\SysWOW64\MACDll.dll
2023-12-15 05:50 - 2023-12-16 12:46 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-15 05:50 - 2023-12-15 05:50 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-15 05:50 - 2023-12-15 05:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-14 15:18 - 2023-12-14 15:18 - 000003938 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1516182081
2023-12-14 15:18 - 2023-12-14 15:18 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-12-14 14:35 - 2023-12-14 14:35 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-13 15:36 - 2023-12-13 15:36 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-13 15:28 - 2023-12-13 15:28 - 000000000 ___HD C:\$WinREAgent
2023-12-06 16:06 - 2023-10-26 16:42 - 000846880 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-06 16:06 - 2023-10-26 16:42 - 000846880 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-06 16:06 - 2023-10-26 16:42 - 000727584 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-06 16:06 - 2023-10-26 16:42 - 000727584 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-06 16:06 - 2023-10-26 16:42 - 000672192 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000672192 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000657792 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000657792 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000597936 _____ C:\WINDOWS\system32\GameManager64.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000539064 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000514480 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000494008 _____ C:\WINDOWS\system32\EEURestart.exe
2023-12-06 16:06 - 2023-10-26 16:42 - 000452536 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000197560 _____ C:\WINDOWS\system32\mantle64.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000176560 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000174624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000155680 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000139296 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-12-06 16:06 - 2023-10-26 16:42 - 000138784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 011747104 _____ C:\WINDOWS\system32\amdsmi.exe
2023-12-06 16:06 - 2023-10-26 16:41 - 002235424 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 002089912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 001607600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 001607600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 001328672 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 001049632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000965664 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-12-06 16:06 - 2023-10-26 16:41 - 000933920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000761376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000527392 _____ C:\WINDOWS\system32\atieah64.exe
2023-12-06 16:06 - 2023-10-26 16:41 - 000463392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000396320 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-12-06 16:06 - 2023-10-26 16:41 - 000256952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000219168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000200936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000186400 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000164960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000132528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000129056 _____ C:\WINDOWS\system32\amdxc64.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000108464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000104888 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-12-06 16:06 - 2023-10-26 16:41 - 000064944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 105391032 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 088596400 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 019424288 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 004375072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 004180000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 001701144 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 001378456 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000791584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000668704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000560160 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000532912 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-12-06 16:06 - 2023-10-26 16:40 - 000514992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000461240 _____ C:\WINDOWS\system32\amdlogum.exe
2023-12-06 16:06 - 2023-10-26 16:40 - 000423856 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000380848 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000328040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendr.stz
2023-12-06 16:06 - 2023-10-26 16:40 - 000222688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000177856 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000166832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000155968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000146064 _____ C:\WINDOWS\system32\atidxx64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000135608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000127328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000119984 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000093104 _____ C:\WINDOWS\system32\clinfo.exe
2023-12-06 16:06 - 2023-10-26 16:40 - 000046440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrmgr.stz
2023-12-06 16:06 - 2023-10-26 16:40 - 000041504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-12-06 16:06 - 2023-10-26 16:40 - 000038432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-12-06 16:06 - 2023-10-26 16:39 - 000557448 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-12-06 16:06 - 2023-10-26 16:39 - 000166328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-12-06 16:06 - 2023-10-26 16:39 - 000155968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-12-06 16:06 - 2023-10-26 16:39 - 000141272 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-12-06 16:06 - 2023-10-26 16:39 - 000127440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-12-06 16:06 - 2023-10-26 15:53 - 109628272 _____ C:\WINDOWS\system32\amdxc64.so
2023-12-06 05:55 - 2023-12-06 05:56 - 654624176 _____ (Advanced Micro Devices, Inc.) C:\Users\Roman\Desktop\whql-amd-software-adrenalin-edition-23.11.1-win10-win11-nov3-vega-polaris.exe

[PARKR]

pokračování ..
2023-12-05 22:38 - 2023-12-05 22:38 - 000000000 ____D C:\Users\Roman\Documents\Call of Duty Modern Warfare
2023-12-05 22:06 - 2023-12-05 22:06 - 000000671 _____ C:\Users\Public\Desktop\Call of Duty Modern Warfare.lnk
2023-12-05 22:06 - 2023-12-05 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare
2023-12-05 18:20 - 2023-12-05 18:20 - 000000000 ____D C:\ProgramData\Battle.net_components
2023-12-05 18:15 - 2023-12-05 18:15 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2023-12-05 18:09 - 2023-12-10 10:32 - 000000000 ____D C:\Users\Roman\AppData\Local\Battle.net
2023-12-05 18:09 - 2023-12-05 18:15 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Battle.net
2023-12-05 18:09 - 2023-12-05 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2023-12-05 18:08 - 2023-12-05 18:15 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-12-03 09:01 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2023-12-02 14:11 - 2023-12-02 14:11 - 000001843 _____ C:\Users\Roman\Desktop\Webshare klient.lnk
2023-12-02 14:11 - 2023-12-02 14:11 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webshare klient
2023-12-02 14:11 - 2023-12-02 14:11 - 000000000 ____D C:\Program Files\Webshare klient
2023-12-02 10:34 - 2023-12-02 10:34 - 000000000 ___SD C:\Users\Roman\Documents\Zdroje dat
2023-12-02 10:18 - 2023-12-02 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2023-12-02 09:30 - 2023-12-02 09:30 - 003553624 _____ (Opera Software) C:\Users\Roman\Downloads\OperaGXSetup.exe
2023-12-02 08:48 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2023-11-30 18:57 - 2023-12-19 16:06 - 000000000 ____D C:\Users\Roman\AppData\Local\Malwarebytes
2023-11-30 18:46 - 2023-12-19 16:11 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\IGDump
2023-11-30 16:52 - 2023-11-30 16:52 - 000000000 ____D C:\ProgramData\PLUG
2023-11-29 18:36 - 2023-11-29 18:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-29 18:30 - 2023-11-29 18:30 - 000000000 ____D C:\Program Files\RUXIM
2023-11-29 17:34 - 2023-11-30 18:52 - 000000000 ____D C:\Users\Roman\Desktop\aktivace
2023-11-29 04:59 - 2023-12-17 09:21 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3164086441-1288322857-271608641-1001
2023-11-28 20:23 - 2023-12-02 10:18 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2023-11-28 20:23 - 2023-11-28 20:23 - 000063696 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2023-11-28 20:23 - 2023-11-28 20:23 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2023-11-28 19:53 - 2023-12-19 07:13 - 000000000 ____D C:\Program Files\CCleaner
2023-11-28 19:53 - 2023-11-28 19:53 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Roman
2023-11-28 19:53 - 2023-11-28 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-28 19:37 - 2023-11-28 19:37 - 000000000 ____D C:\tmpDownload
2023-11-28 18:40 - 2023-11-28 18:40 - 000000436 _____ C:\Users\Roman\Desktop\Tento počítač – zástupce.lnk
2023-11-28 18:38 - 2023-12-19 19:05 - 000004502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-28 18:37 - 2023-12-19 10:58 - 000000000 ____D C:\Users\Roman\AppData\Local\D3DSCache
2023-11-28 18:37 - 2023-12-17 17:39 - 000000000 ____D C:\WINDOWS\system32\AMD
2023-11-28 18:37 - 2023-12-15 07:01 - 000000000 ____D C:\Users\Roman\AppData\Local\PlaceholderTileLogoFolder
2023-11-28 18:37 - 2023-11-28 18:37 - 000000000 ___RD C:\Users\Roman\OneDrive
2023-11-28 18:37 - 2023-11-28 18:37 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-11-28 18:37 - 2023-10-26 16:41 - 000105488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2023-11-28 18:34 - 2023-12-02 08:05 - 000000000 ____D C:\ProgramData\Packages
2023-11-28 18:34 - 2023-11-29 04:59 - 000000000 ____D C:\Users\Roman\AppData\Local\ConnectedDevicesPlatform
2023-11-28 18:34 - 2023-11-28 18:38 - 000000000 ____D C:\Users\Roman\AppData\Local\Publishers
2023-11-28 18:34 - 2023-11-28 18:34 - 000003714 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{0D928BDE-0C61-42D2-A076-24A55912B0F9}
2023-11-28 18:34 - 2023-11-28 18:34 - 000003590 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{E5E5419F-7330-4545-B606-A14D7D4EA323}
2023-11-28 18:34 - 2023-11-28 18:34 - 000000020 ___SH C:\Users\Roman\ntuser.ini
2023-11-28 18:34 - 2023-11-28 18:34 - 000000000 ___RD C:\Users\Roman\3D Objects
2023-11-28 18:34 - 2023-11-28 18:34 - 000000000 ____D C:\Users\Roman\AppData\Local\Comms
2023-11-28 18:33 - 2023-12-19 19:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-28 18:33 - 2023-12-07 15:29 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-28 18:33 - 2023-12-07 15:29 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-28 18:33 - 2023-11-28 20:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-28 18:33 - 2023-11-28 18:33 - 000003250 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1583089720
2023-11-28 18:33 - 2023-11-28 18:33 - 000003110 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{558DEA9B-AE4E-42DB-B3BA-255674712589}
2023-11-28 18:33 - 2023-11-28 18:33 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3164086441-1288322857-271608641-1001
2023-11-28 18:33 - 2023-11-28 18:33 - 000002150 _____ C:\WINDOWS\system32\Tasks\{C30BB5A5-9E23-444F-A450-A9CB8B282090}
2023-11-28 18:33 - 2023-11-28 18:33 - 000002144 _____ C:\WINDOWS\system32\Tasks\{977C5418-B343-424B-A9C2-8A0F33BD3106}
2023-11-28 18:33 - 2023-11-28 18:33 - 000002094 _____ C:\WINDOWS\system32\Tasks\{B5A7E01A-B572-4972-8D70-EED030CA29B2}
2023-11-28 18:33 - 2023-11-28 18:33 - 000002082 _____ C:\WINDOWS\system32\Tasks\{530F65A9-5287-4B5F-83F4-98E3FF9F55D8}
2023-11-28 18:33 - 2023-11-28 18:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2023-11-28 18:33 - 2023-11-28 18:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2023-11-28 18:33 - 2023-11-28 18:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-11-28 18:32 - 2023-11-28 18:33 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2023-11-28 18:32 - 2023-11-28 18:33 - 000007623 _____ C:\WINDOWS\diagerr.xml
2023-11-28 18:32 - 2023-11-28 18:32 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\SystemCertificates
2023-11-28 18:32 - 2023-11-28 18:32 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Network
2023-11-28 18:32 - 2023-11-28 18:32 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Crypto
2023-11-28 18:32 - 2023-11-28 18:32 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2023-11-28 18:30 - 2023-12-18 10:30 - 000000000 ____D C:\Users\Roman
2023-11-28 18:30 - 2023-11-28 18:32 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Šablony
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Soubory cookie
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Poslední
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Okolní tiskárny
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Okolní síť
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Nabídka Start
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Dokumenty
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Documents\Obrázky
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Documents\Hudba
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Documents\Filmy
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\Data aplikací
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 _SHDL C:\Users\Roman\AppData\Local\Data aplikací
2023-11-28 18:30 - 2023-11-28 18:30 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Protect
2023-11-28 18:24 - 2023-12-17 09:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-28 18:23 - 2023-12-19 15:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-28 18:21 - 2023-11-28 18:23 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2023-11-28 18:21 - 2023-11-28 18:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-11-28 18:20 - 2023-11-28 18:20 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-11-28 17:56 - 2023-12-10 19:01 - 000000000 ___DC C:\WINDOWS\Panther
2023-11-28 17:46 - 2023-11-28 17:56 - 000000000 ____D C:\ESD
2023-11-28 17:42 - 2023-11-28 17:42 - 000000000 ___HD C:\$Windows.~WS
2023-11-27 18:34 - 2023-11-27 18:34 - 000000000 ____D C:\ProgramData\Activision
2023-11-27 17:31 - 2023-11-27 17:31 - 000131384 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2023-11-27 17:30 - 2023-11-27 17:30 - 000131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2023-11-27 17:29 - 2023-11-27 17:29 - 000285240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2023-11-26 22:11 - 2023-12-05 18:07 - 000000000 ____D C:\ProgramData\Battle.net
2023-11-26 22:11 - 2023-11-26 22:11 - 000000000 ____D C:\Users\Roman\AppData\Local\Blizzard Entertainment
2023-11-26 19:16 - 2023-11-26 19:16 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Disc-Soft
2023-11-26 19:16 - 2023-11-26 19:16 - 000000000 ____D C:\Users\Roman\AppData\Roaming\DAEMON Tools Lite
2023-11-26 19:16 - 2023-11-26 19:16 - 000000000 ____D C:\Users\Roman\AppData\Local\Disc_Soft_FZE_LLC
2023-11-26 19:16 - 2023-11-26 19:16 - 000000000 ____D C:\ProgramData\McAfee
2023-11-26 19:15 - 2023-11-26 19:15 - 000000000 ____D C:\ProgramData\Disc-Soft
2023-11-26 10:52 - 2023-12-10 20:40 - 000000000 ____D C:\Users\Roman\AppData\Local\Webshare

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-19 20:36 - 2022-09-27 14:22 - 000000000 ____D C:\Users\Roman\Desktop\čištění PC
2023-12-19 20:34 - 2023-05-05 13:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-19 20:34 - 2017-03-22 17:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-19 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-19 19:05 - 2019-12-07 15:43 - 000993750 _____ C:\WINDOWS\system32\perfh005.dat
2023-12-19 19:05 - 2019-12-07 15:43 - 000233240 _____ C:\WINDOWS\system32\perfc005.dat
2023-12-19 19:01 - 2018-02-12 16:48 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Wise Care 365
2023-12-19 19:00 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-19 19:00 - 2017-03-23 09:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-12-19 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-19 18:41 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-12-19 17:01 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-19 17:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-19 16:57 - 2022-09-29 19:20 - 000000000 ____D C:\Users\Roman\AppData\Local\AMSDK
2023-12-19 11:35 - 2017-03-22 17:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-19 10:58 - 2019-11-20 16:56 - 000000000 ____D C:\Users\Roman\Desktop\fota z dovolené
2023-12-19 10:18 - 2022-11-18 09:23 - 000000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2023-12-19 06:34 - 2017-05-02 15:41 - 000000000 ____D C:\Users\Roman\AppData\LocalLow\Temp
2023-12-19 06:28 - 2022-09-27 17:23 - 000000000 ____D C:\ProgramData\Comodo
2023-12-18 21:55 - 2018-02-01 23:00 - 000000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2023-12-18 18:35 - 2021-09-02 17:14 - 000002185 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-12-18 18:35 - 2021-09-02 17:14 - 000002016 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-12-18 18:35 - 2021-09-02 17:14 - 000002016 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-12-18 18:35 - 2021-09-02 17:14 - 000002004 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-12-18 17:51 - 2018-02-12 16:20 - 000000000 ____D C:\Users\Roman\AppData\Roaming\IObit
2023-12-18 07:08 - 2017-03-23 09:29 - 000000000 ____D C:\Users\Roman\AppData\Local\AMD
2023-12-17 20:10 - 2017-03-22 20:21 - 000000000 ____D C:\Program Files\AMD
2023-12-17 20:07 - 2017-03-22 20:20 - 000000000 ____D C:\AMD
2023-12-17 16:50 - 2018-02-12 16:47 - 000000000 ____D C:\Program Files (x86)\Wise
2023-12-17 16:38 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-17 16:37 - 2019-10-06 09:39 - 000000000 ____D C:\Program Files\Google
2023-12-17 16:37 - 2017-03-22 17:28 - 000000000 ____D C:\Users\Roman\AppData\Local\Google
2023-12-17 16:36 - 2017-03-22 20:52 - 000000000 ____D C:\ProgramData\AVAST Software
2023-12-17 09:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-16 17:44 - 2020-02-05 11:40 - 000000000 ____D C:\Program Files (x86)\Winamp
2023-12-16 15:45 - 2017-03-22 17:19 - 000000000 ____D C:\Users\Roman\AppData\Local\VirtualStore
2023-12-16 12:46 - 2018-01-17 10:41 - 000000000 ____D C:\Program Files\Opera
2023-12-15 07:02 - 2017-03-22 17:19 - 000000000 ____D C:\Users\Roman\AppData\Local\Packages
2023-12-14 16:19 - 2023-08-31 16:58 - 000018656 _____ C:\Users\Roman\Desktop\Prac výkaz k 13.12.2023_Roman Plch.xlsx
2023-12-14 14:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-14 14:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-14 14:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-13 21:35 - 2017-03-22 17:19 - 000000000 ___SD C:\Users\Roman\AppData\Roaming\Microsoft\Credentials
2023-12-13 17:01 - 2023-06-06 18:27 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Excel
2023-12-11 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-09 11:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-02 16:47 - 2021-12-29 11:21 - 000000000 ____D C:\ProgramData\tmp
2023-12-02 16:47 - 2020-01-13 11:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-02 09:30 - 2018-01-17 10:41 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Opera Software
2023-11-30 19:58 - 2017-03-22 18:43 - 000000000 ____D C:\Users\Roman\Downloads\utility
2023-11-30 19:14 - 2018-02-11 01:00 - 000000000 ____D C:\Program Files (x86)\Kerish Doctor
2023-11-30 17:49 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-11-30 17:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-30 17:49 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-30 17:49 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-30 17:49 - 2019-12-07 15:43 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-30 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-29 18:36 - 2017-03-25 10:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-29 18:32 - 2017-03-25 10:31 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-29 04:59 - 2017-03-22 17:22 - 000000000 __RDO C:\Users\Roman\SkyDrive
2023-11-28 19:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-11-28 19:09 - 2017-03-22 17:19 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Spelling
2023-11-28 18:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-28 18:34 - 2020-09-06 14:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-11-28 18:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-11-28 18:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-11-28 18:33 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2023-11-28 18:33 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-11-28 18:32 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2023-11-28 18:32 - 2019-12-07 10:14 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-11-28 18:30 - 2022-01-10 12:20 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony
2023-11-28 18:30 - 2020-05-16 10:20 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-28 18:30 - 2019-06-29 18:01 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2023-11-28 18:30 - 2019-06-29 18:01 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2023-11-28 18:30 - 2019-04-04 17:15 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2023-11-28 18:30 - 2019-03-04 18:58 - 000000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
2023-11-28 18:24 - 2022-01-16 12:46 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt
2023-11-28 18:24 - 2018-02-12 17:13 - 000000000 ____D C:\WINDOWS\system32\DAX3
2023-11-28 18:24 - 2017-03-22 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-11-28 18:24 - 2017-03-22 18:25 - 000000000 ____D C:\WINDOWS\system32\DAX2
2023-11-28 18:23 - 2023-06-06 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2023-11-28 18:23 - 2023-03-01 07:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2023-11-28 18:23 - 2023-02-02 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2023-11-28 18:23 - 2022-01-16 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 20
2023-11-28 18:23 - 2021-09-25 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2023-11-28 18:23 - 2021-05-23 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GVP
2023-11-28 18:23 - 2021-02-11 11:57 - 000000000 ____D C:\WINDOWS\SysWOW64\QuickTime
2023-11-28 18:23 - 2021-02-11 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2023-11-28 18:23 - 2020-05-22 15:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2023-11-28 18:23 - 2020-05-16 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-28 18:23 - 2020-02-04 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Music Downloader
2023-11-28 18:23 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2023-11-28 18:23 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-11-28 18:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2023-11-28 18:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-11-28 18:23 - 2019-02-06 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5
2023-11-28 18:23 - 2018-05-21 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.4
2023-11-28 18:23 - 2018-02-13 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Reminder
2023-11-28 18:23 - 2018-02-13 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery
2023-11-28 18:23 - 2018-02-13 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Force Deleter
2023-11-28 18:23 - 2018-02-13 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown
2023-11-28 18:23 - 2018-02-13 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Duplicate Finder
2023-11-28 18:23 - 2018-02-13 08:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer
2023-11-28 18:23 - 2018-02-12 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Game Booster
2023-11-28 18:23 - 2018-02-12 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2023-11-28 18:23 - 2018-02-10 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
2023-11-28 18:23 - 2018-02-07 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes - The Devil's Daughter
2023-11-28 18:23 - 2018-02-07 15:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-11-28 18:23 - 2018-02-06 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2023-11-28 18:23 - 2018-02-01 23:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2023-11-28 18:23 - 2018-01-14 22:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2023-11-28 18:23 - 2017-12-20 08:54 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2023-11-28 18:23 - 2017-06-18 12:30 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2023-11-28 18:23 - 2017-04-28 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2023-11-28 18:23 - 2017-03-28 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2023-11-28 18:23 - 2017-03-26 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-11-28 18:23 - 2017-03-23 00:51 - 000000000 ____D C:\WINDOWS\SysWOW64\LiveUpdate
2023-11-28 18:23 - 2017-03-22 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2023-11-28 18:23 - 2017-03-22 18:21 - 000000000 ____D C:\Program Files (x86)\Realtek
2023-11-28 18:23 - 2017-03-22 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3
2023-11-28 18:23 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-11-28 18:23 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-11-28 18:23 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-11-28 18:23 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-11-28 18:21 - 2020-05-16 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2023-11-28 18:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-11-28 18:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\InputMethod
2023-11-28 18:21 - 2017-03-23 09:28 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2023-11-28 18:21 - 2017-03-23 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2023-11-28 18:21 - 2017-03-22 18:25 - 000000000 ____D C:\Program Files\Realtek
2023-11-28 18:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2023-11-28 18:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2023-11-28 05:40 - 2018-02-12 16:20 - 000000000 ____D C:\ProgramData\IObit

==================== Files in the root of some directories ========

2019-02-05 12:32 - 2019-02-05 12:32 - 000000048 ____H () C:\Program Files (x86)\pgqxfpxn0x.dat
2013-02-25 02:59 - 2013-02-25 02:59 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2022-01-16 17:31 - 2022-01-17 12:20 - 000006144 _____ () C:\Users\Roman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Dodatečně přidáno po 32 vteřinách:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-12-2023
Ran by Roman (19-12-2023 20:43:07)
Running from C:\Users\Roman\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3803 (X64) (2023-11-28 17:33:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3164086441-1288322857-271608641-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3164086441-1288322857-271608641-503 - Limited - Disabled)
Guest (S-1-5-21-3164086441-1288322857-271608641-501 - Limited - Disabled)
Roman (S-1-5-21-3164086441-1288322857-271608641-1001 - Administrator - Enabled) => C:\Users\Roman
WDAGUtilityAccount (S-1-5-21-3164086441-1288322857-271608641-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
AMD Software (HKLM\...\{08EF2C99-1771-7A23-8D55-20BE350AB8AC}) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.8.2 - Advanced Micro Devices, Inc.)
AutoCAD 2013 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-B001-0405-1102-0060B0CE6BBA}) (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2013 Language Pack – Čeština (Czech)) (Version: 19.0.55.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\{FFF5619F-2013-0064-A85E-9994F70A9E5D}) (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\{82C1E6E4-6718-4EFD-9DCC-E276D690EF46}) (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (HKLM\...\{FE2F4875-095C-427C-9A97-4F8DE05ACF22}) (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 6.19 - Piriform)
Crysis 3 Remastered (HKLM-x32\...\FLT_Crysis3Remastered) (Version: - )
CrystalDiskInfo 9.2.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.2.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd)
DriverGenius (HKLM-x32\...\{D551274E-6CB8-4313-9290-9AD7EB15FD91}) (Version: 1.0.0 - Driver-Soft)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.86.0.5599 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{f10d9b37-ef6d-43ca-ab77-f212411f146e}) (Version: 13.86.0.5599 - Electronic Arts)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FastStone Capture 8.6 (HKLM-x32\...\FastStone Capture) (Version: 8.6 - FastStone Soft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free DOC Reader (HKLM-x32\...\{810B21F5-6D1A-4E52-B5B1-ECBF75A30FF0}) (Version: 1.0.0 - Media Freeware)
Free MP3 Cutter 2.1 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: 2.1 - PolySoft Solutions)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 85.0.26.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.110 - Google LLC)
GpsVideoPlayer (HKLM-x32\...\{2B66B3E3-3FE6-4D50-A9FA-BD4A39597EB1}) (Version: 1.0.1.54 - Your Company Name)
HP Deskjet 1510 series Nápověda (HKLM-x32\...\{FB815CBF-148E-42A4-8741-4924C28C118F}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{54EC951C-4197-4AA4-803B-101F127BBB38}) (Version: 11.0.6.1194 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{70A78B94-1B16-46A1-8C7A-A59F7B28B425}) (Version: 30.63.1519.07 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{0D2BE106-2900-4620-A85E-0DE92762610F}) (Version: 1.0.1.45 - Intel Corporation) Hidden
Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.1.45 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
LibreOffice 5.4.7.2 (HKLM\...\{26D12F93-E454-4637-9A5C-D52F6B4CC0DD}) (Version: 5.4.7.2 - The Document Foundation)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Malwarebytes version 4.6.5.293 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.5.293 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.77 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusVolume - cs-cz) (Version: 16.0.14701.20226 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version: - )
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSVCRT Redists (HKLM\...\{151C3FD1-4A0B-11EA-8579-00155D6302F2}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Nero 9 (HKLM-x32\...\{6fe89cb1-0fe4-45d4-9201-5ac5662f2cd3}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.4.2006 - Nero AG) Hidden
Nero Core (HKLM-x32\...\{85EFC653-C416-4759-BFD0-0A0095B3FFAC}) (Version: 1.2.00200 - Nero AG)
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.8.1010 - Nero AG) Hidden
Nero KnowHow PLUS (HKLM-x32\...\{AACDE618-4162-4074-B01D-67C5E8D07233}) (Version: 1.3.5005 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{F942C990-9AD6-4607-9C15-1021D8D859A8}) (Version: 20.1.2013 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 20.0.1006 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20226 - Microsoft Corporation) Hidden
OneBrowser (HKLM-x32\...\OneBrowser) (Version: 115.0.5790.171 - OneBrowser)
Opera Stable 105.0.4970.48 (HKLM-x32\...\Opera 105.0.4970.48) (Version: 105.0.4970.48 - Opera Software)
Opera Stable 70.0.3728.133 (HKLM-x32\...\Opera 70.0.3728.133) (Version: 70.0.3728.133 - Opera Software)
PicPick (HKLM-x32\...\PicPick) (Version: 4.2.5 - NGWIN)
PingPlotter 5 (HKLM-x32\...\{347BFF8D-63F4-400C-9C13-1DCD399DC13C}) (Version: 5.8.10.5715 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.8.10.5715) (Version: 5.8.10.5715 - Pingman Tools, LLC)
Pinnacle Studio 20 (HKLM\...\{4D548AFA-B83A-4C39-A474-AAE833B320AD}) (Version: 20.6.0.322 - Corel Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.46.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Sony Vegas Pro 17.0.0 Build 421 (HKLM-x32\...\Sony Vegas Pro 17.0.0 Build 421) (Version: 17.0.0 Build 421 - Crackingpatching.com Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.5.0.74(master)(8d92a0e96285c09fa03691e2b7618aee84c6c2b6) - Addpcs, LLC)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.10.3.1 - ) <==== ATTENTION
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
VEGAS Pro 17.0 (HKLM\...\{131CED61-4A0B-11EA-8CFD-00155D6302F2}) (Version: 17.0.421 - VEGAS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VT Hash Check 1.60 (HKLM-x32\...\{1E579B65-503B-4184-B481-5138124BEE1D}_is1) (Version: 1.60 - Boredom Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Webshare klient (HKLM-x32\...\Webshare klient) (Version: - )
WinDirStat 1.1.2 (HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\WinDirStat) (Version: - )
WinRAR 5.50 64bit CZ Full verze 5.50 (HKLM-x32\...\{AEB93D01-99F5-42A6-ABCF-3B9AFA0BE159}_is1) (Version: 5.50 - rarLAB)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Wise Auto Shutdown 1.6.5 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.6.5 - WiseCleaner.com, Inc.)
Wise Care 365 4.81 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.81 - WiseCleaner.com, Inc.)
Wise Data Recovery 3.87 (HKLM-x32\...\Wise Data Recovery_is1) (Version: 3.87 - WiseCleaner.com, Inc.)
Wise Duplicate Finder 1.2.5 (HKLM-x32\...\Wise Duplicate Finder_is1) (Version: 1.2.5 - WiseCleaner.com, Inc.)
Wise Force Deleter 1.4.6 (HKLM-x32\...\Wise Force Deleter_is1) (Version: 1.4.6 - WiseCleaner.com, Inc.)
Wise Game Booster 1.39 (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.39 - WiseCleaner.com, Inc.)
Wise JetSearch 2.3.5 (HKLM-x32\...\Wise JetSearch_is1) (Version: 2.3.5 - WiseCleaner.com, Inc.)
Wise Memory Optimizer 3.5.2 (HKLM-x32\...\Wise Memory Optimizer_is1) (Version: 3.5.2 - WiseCleaner.com, Inc.)
Wise Reminder 1.2.8 (HKLM-x32\...\Wise Reminder_is1) (Version: 1.2.8 - WiseCleaner.com, Inc.)
Youtube Music Downloader V7.3.4 (HKLM-x32\...\Youtube Music Downloader_is1) (Version: - Youtube Music Downloader)
YTD Video Downloader Pro 4.1 (HKLM-x32\...\YTD Video Downloader Pro 4.14.1) (Version: 4.1 - Friends in War) <==== ATTENTION
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{BF7E34C1-4669-46ED-A8DA-244125F41B89}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-28] (HP Inc.)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2023-12-15] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files (x86)\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2012-01-31] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => D:\soft\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2008-09-19] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-12-02] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-12-02] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.26.0\drivefsext.dll [2023-12-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-11-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-15 17:00 - 2022-06-15 17:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Software\Classes\.scr: scrfile => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-12-19 05:49 - 2023-12-19 05:49 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roman\AppData\Local\Microsoft\Windows\Themes\Community\DesktopBackground\9_kennysimpson-microphone.jpg
DNS Servers: 172.16.32.3 - 93.93.32.32
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\StartupFolder: => "Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Automount"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_66D161819F0EAC1A9819F518A968ED0B"

[PARKR]

pokračování ..
==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{98C150A3-E423-4E7E-A9FE-C59D25D7E825}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F908FDFB-B8AE-4A96-AB15-F7A943C5736D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5CD1BD55-DB9C-41AB-9F55-49C97F722826}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C5734AE2-1F3E-4509-A510-8F22E043FD39}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{00BB64FF-5E02-46B0-8CAA-8B8C86D341DA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B793BC42-CC6B-4E1B-9F5F-03DACEBAC7D3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E8E954F6-6E1C-40F8-9CBA-B5C950A3F30D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{91FCC058-AD0F-48D8-8022-A565032A171C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9F3DB691-DB48-43CD-B341-C1455885EB72}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9649B6F9-685F-4DEF-BEDC-0A633DA3B7B0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ECF1B762-AE64-4103-8A24-C0286A1670B7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{677F3703-97E0-496E-9F08-5091A4E256ED}D:\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [UDP Query User{B0DE1F9C-89D1-43A0-A12E-44608F40858A}D:\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [TCP Query User{96BB1A1D-F84C-4AE7-A07C-6DCBD2BD8EF7}D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe] => (Allow) D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [UDP Query User{7FC40B18-01CE-45D9-8438-F964B78B3071}D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe] => (Allow) D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [{E8F5E4E6-9F89-4F1E-A6FB-5EA7C3AE6777}] => (Block) D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [{F54C9B1C-DE4F-4EC5-8ACC-DE409DA10E1C}] => (Block) D:\crysis 3\instalace\crysis3remastered\bin64\crysis3remastered.exe (Crytek GmbH) [File not signed]
FirewallRules: [{3CF43EC1-108E-460E-8F62-6BF3150EE50F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-12-2023 16:28:15 End of disinfection
19-12-2023 16:59:11 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/19/2023 07:05:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (12/19/2023 07:05:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (12/19/2023 07:05:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (12/19/2023 06:41:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (12/19/2023 06:41:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (12/19/2023 06:41:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (12/19/2023 05:21:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (12/19/2023 05:21:49 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (12/19/2023 05:47:59 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2023 05:02:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (16:54:37, ‎19.‎12.‎2023) bylo neočekávané.

Error: (12/19/2023 04:48:01 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2023 04:16:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba hvsics závisí na službě CmService, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (12/19/2023 04:16:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba CmService závisí na službě hns, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (12/19/2023 04:16:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VMSP neuspěla při spuštění v důsledku následující chyby:
K dokončení požadované služby není k dispozici dostatek prostředků.

Error: (12/19/2023 04:16:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba hns závisí na službě VfpExt, která neuspěla při spuštění v důsledku následující chyby:
Zařízení připojené k systému nefunguje.

Error: (12/19/2023 12:03:43 PM) (Source: DCOM) (EventID: 10010) (User: ROMAN)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2023-11-29 17:41:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/DefenderControl!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar; file:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar->defender 2.1\dControl.exe; webfile:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar|https://vip.17.dl.webshare.cz/8300/udt78FbdZM/524288000/eJw1jstqwzAQRX+lzKIrIUvWcwQhu2xC3VUIFEORI4kEgh3GdgMp_fcqhS7v4d4z8w0RAkhnuRQtl0ZxVMDgAkEwWCBIJ1qpEFEy+KqRwQrBoPHIYP7LNwgLrZnBWEUplzymTC_VxSlSVaWK0SpVinZWe_TxVMSAyVkUSlhvo8bBtlliq5_1ehTK5Zo_03Qfr1NMFVJl9zzM50iZnx598yz0zZoW53dD+njrm20mmmhz6Pbd+7F7nTZ1ttD_b_MDgjbGa_XzCyjAQnk/18861133d4ea7b2efc97b6de7cf20efef6e60dc3/defender-2.1.rar|pid:10152,ProcessStart:133457496857493660
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: Roman\Roman
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.401.1392.0, AS: 1.401.1392.0, NIS: 1.401.1392.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-29 17:41:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/DefenderControl!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar; file:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar->defender 2.1\dControl.exe; webfile:_C:\Users\Roman\Desktop\aktivace\defender 2.1.rar|https://vip.17.dl.webshare.cz/8300/udt78FbdZM/524288000/eJw1jstqwzAQRX+lzKIrIUvWcwQhu2xC3VUIFEORI4kEgh3GdgMp_fcqhS7v4d4z8w0RAkhnuRQtl0ZxVMDgAkEwWCBIJ1qpEFEy+KqRwQrBoPHIYP7LNwgLrZnBWEUplzymTC_VxSlSVaWK0SpVinZWe_TxVMSAyVkUSlhvo8bBtlliq5_1ehTK5Zo_03Qfr1NMFVJl9zzM50iZnx598yz0zZoW53dD+njrm20mmmhz6Pbd+7F7nTZ1ttD_b_MDgjbGa_XzCyjAQnk/18861133d4ea7b2efc97b6de7cf20efef6e60dc3/defender-2.1.rar|pid:9316,ProcessStart:133457496747767797
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: Roman\Roman
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.401.1392.0, AS: 1.401.1392.0, NIS: 1.401.1392.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-28 19:52:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\Roman\AppData\Local\Temp\Temp1_Ccleaner Professional v5 12 5431 FINAL Serials.zip\Ccleaner Professional v5 12 5431 FINAL + Serials.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: Roman\Roman
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.401.1290.0, AS: 1.401.1290.0, NIS: 1.401.1290.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-28 19:52:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\Roman\AppData\Local\Temp\Temp1_Ccleaner Professional v5 12 5431 FINAL Serials.zip\Ccleaner Professional v5 12 5431 FINAL + Serials.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: Roman\Roman
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.401.1290.0, AS: 1.401.1290.0, NIS: 1.401.1290.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-28 19:51:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:Win32/Bladabindi!ml
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: file:_C:\Users\Roman\AppData\Local\Temp\Temp1_Ccleaner Professional v5 12 5431 FINAL Serials.zip\Ccleaner Professional v5 12 5431 FINAL + Serials.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.401.1290.0, AS: 1.401.1290.0, NIS: 1.401.1290.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

CodeIntegrity:
===============
Date: 2023-12-17 18:31:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-12-17 18:31:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. C.A0 10/17/2016
Motherboard: MSI B150 PC MATE (MS-7971)
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 55%
Total physical RAM: 8155.14 MB
Available physical RAM: 3646.39 MB
Total Virtual: 23515.14 MB
Available Virtual: 16287.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.92 GB) (Free:30.63 GB) (Model: KINGSTON SUV400S37120G) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:438.59 GB) (Model: ST1000DM010-2EP102) NTFS

\\?\Volume{0d4f050d-0f1a-11e7-824b-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{629458e4-0000-0000-0000-010000000000}\ (PortableBaseLayer) (Fixed) (Total:8 GB) (Free:7.49 GB) NTFS
\\?\Volume{9144be72-0000-0000-0000-b0d01b000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 9144BE72)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C87BC87B)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 8 GB) (Disk ID: 629458E4)
Partition 1: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[jaro3]

Měl bys sis přečíst v logu security check, co odinstalovat ap.

Nepořádek - Avast, AVG, McAfee..

AVAST Software s.r.o. -> The OpenVPN Project
AnchorFree Inc -> The OpenVPN Project
Co platí? Nebo oboje VPN?

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\MountPoints2: {fd953d6f-8e13-11ee-9142-4ccc6a6d0ec0} - "F:\setup.exe"
BootExecute: autocheck autochk * avgBoot.exe /M:6de394024a /dir:"C:\Program Files\AVG\Antivirus"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B4417120-B076-41FE-9795-089FD917282A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {7DB76F60-B46D-476C-A3D5-097F5D94C7FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Task: {A68A477E-0EE5-4B83-8CC3-8FF5BA879940} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
C:\$AV_AVG
C:\ProgramData\AVG
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\COMODO
C:\ProgramData\McAfee
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Software\Classes\.scr: scrfile => <==== ATTENTION

Virustotal: C:\Program Files (x86)\pgqxfpxn0x.dat

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[PARKR]

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-12-2023
Ran by Roman (19-12-2023 21:39:58) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\...\MountPoints2: {fd953d6f-8e13-11ee-9142-4ccc6a6d0ec0} - "F:\setup.exe"
BootExecute: autocheck autochk * avgBoot.exe /M:6de394024a /dir:"C:\Program Files\AVG\Antivirus"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B4417120-B076-41FE-9795-089FD917282A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {7DB76F60-B46D-476C-A3D5-097F5D94C7FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Task: {A68A477E-0EE5-4B83-8CC3-8FF5BA879940} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-22] (Google Inc -> Google Inc.)
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok]
C:\$AV_AVG
C:\ProgramData\AVG
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\COMODO
C:\ProgramData\McAfee
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Software\Classes\.scr: scrfile => <==== ATTENTION

Virustotal: C:\Program Files (x86)\pgqxfpxn0x.dat

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd953d6f-8e13-11ee-9142-4ccc6a6d0ec0} => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B4417120-B076-41FE-9795-089FD917282A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4417120-B076-41FE-9795-089FD917282A}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7DB76F60-B46D-476C-A3D5-097F5D94C7FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DB76F60-B46D-476C-A3D5-097F5D94C7FA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A68A477E-0EE5-4B83-8CC3-8FF5BA879940}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A68A477E-0EE5-4B83-8CC3-8FF5BA879940}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\jcpgbnbdnakoblgfkbgggankeidkfcdl => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\llbcnfanfmjhpedaedhbcnpgeepdnnok => removed successfully

"C:\$AV_AVG" folder move:

C:\$AV_AVG => moved successfully

"C:\ProgramData\AVG" folder move:

C:\ProgramData\AVG => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

"C:\WINDOWS\system32\Tasks\COMODO" folder move:

C:\WINDOWS\system32\Tasks\COMODO => moved successfully

"C:\ProgramData\McAfee" folder move:

C:\ProgramData\McAfee => moved successfully
HKU\S-1-5-21-3164086441-1288322857-271608641-1001\Software\Classes\.scr => removed successfully
VirusTotal: C:\Program Files (x86)\pgqxfpxn0x.dat => 0

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 77864053 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 33114008 B
Windows/system/drivers => 1603904 B
Edge => 0 B
Chrome => 646442 B
Firefox => 147899 B
Opera => 28351744 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Roman => 4602702 B

RecycleBin => 2533367 B
EmptyTemp: => 143 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:40:14 ====

[jaro3]

Co ty VPN?
Dej vědět jak je na tom Windows Defender.

[PARKR]

Po spuštění se Windefender nerozjel . Jinak VPN jsem neaktivoval aspoň teda o tom nevím . Možná nějak nevědomky . Myslíš že je to může spůsobovat ono ? Nejspíše jsem něco do PC natáhl Jako když zapnu PC a jdu do nastavení Win zabezpečení , tak ikona se tváří že dobrý ,ale bez fajfky zelené jen je tam pod ní napsáno Neznámé a pak během chvilky už jen upozorní že PC není chráněno před viry a zapněte antivirovou ochranu . po kliknutí na hlášku v panelu vpravo už se dostanu do nastavení win zabezpečení a zbytek už známe