Please check my log - strange behaviour of the right mouse button (Solved)

Post by karbi02 » 16 Mar 2022 20:43

Hi, please check my log. Newly installed PC. When I click the right mouse button, it often does not respond, or I see part of the text hidden under the running window.
I moved a pile of stuff over from the old PC.... I have tried three mice, the problem remains.
ESET is blocking communication from Radeon Software.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:26, on 16.03.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\Libor\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.39\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\Windows\System32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe
O23 - Service: AsusCertService - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\Windows\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_48ace - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DtsApo4Service - Unknown owner - C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ROG Live Service - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10563 bytes

Post by jaro3 » 16 Mar 2022 21:08

What about the mouse drivers, the pointing settings?

Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you only use Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
Win7 owners, download here:
https://filehippo.com/download_adwcleaner/ (do not update!)

Save it to your desktop. Click „Souhlasím“ (I agree) to accept the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click „Skenování“ (Scan).
After the scan a log appears and opens (otherwise it is saved on the system disk in C:\AdwCleaner\Logs); paste its entire contents here.

Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/

to your desktop, install it and run it.
- If the program is not up to date, click „Aktualizovat nyní“ (Update now) or „Opravit nyní“ (Fix now).
- An update will be found and installed.
- Then click Spustit skenování (Start scan).
- When the scan finishes, a message appears at the bottom right; click Zobrazit zprávu (View report), choose Export, then choose Kopírovat do schránky (Copy to clipboard) and paste the whole log here. Or click „Textový soubor (.txt)“ (Text file) and save the log.
- Otherwise the log can be found in the program by clicking „Zprávy“ (Reports), or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Dokončit (Finish) button and close the program with the X at the top right.
(do not delete anything yet!).
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by karbi02 » 16 Mar 2022 21:29

The mouse drivers are up to date. What I find odd is that sometimes the window that appears after a right-click shows up as if underneath the current window I am clicking in. I can see, say, only a bit of the text. Right now it is working normally, though. So maybe it was just some momentary glitch.
Is ESET blocking the Radeon communication normal? It also only started doing that today.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-16-2022
# Duration: 00:00:02
# OS: Windows 10 Pro
# Scanned: 32037
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 16.03.22
Čas skenování: 21:21
Logovací soubor: 98f2d3ce-a566-11ec-8269-50ebf63deff3.json

-Informace o softwaru-
Verze: 4.5.6.180
Verze komponentů: 1.0.1634
Aktualizovat verzi balíku komponent: 1.0.52442
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19044.1586)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-NOL41JG\Libor

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 283304
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 0 min, 32 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Post by jaro3 » 16 Mar 2022 22:02

I don't know about the blocking. Is ESET paid? Legal?

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Deactivate your antivirus program. Right-click JRT.exe and choose „spustit jako správce“ (Run as administrator). To continue, you will be prompted to press any key. Press one.
The program's scan starts. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears, which is saved on the desktop.
Please copy its entire contents here.


Download RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
to your desktop.
- Close all other programs and browsers.
- Click "Scan". Do not change anything in the new window and click "Start" at the bottom, in the "Quick Scan" column.
- The program scans the PC's processes. After the scan, click "Results", then in the next window left-click "Export" and choose "Text File"; name the log e.g. RK and save it to Documents or to the desktop. Open the file and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and work, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and post it in several posts.

Download CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Run the program and click Úpravy-Kopírovat (Edit - Copy). Then paste the contents of the log here with Ctrl+V.

Post by karbi02 » 16 Mar 2022 22:29

ESET is a trial with a key from Facebook.


----------------------------------------------------------------------------
CrystalDiskInfo 8.15.2 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19044] (x64)
Date : 2022/03/16 22:27:00

-- Controller Map ----------------------------------------------------------
- Standardní řadič SATA AHCI [ATA]
- Řadič prostorů úložišť [SCSI]
+ Řadič Standard NVM Express [SCSI]
- Samsung SSD 980 1TB

-- Disk List ---------------------------------------------------------------
(01) Samsung SSD 980 1TB : 1000,2 GB [0/1/0, sq] - nv

----------------------------------------------------------------------------
(01) Samsung SSD 980 1TB
----------------------------------------------------------------------------
Model : Samsung SSD 980 1TB
Firmware : 2B4QFXO7
Serial Number : S649NX0RC61010J
Disk Size : 1000,2 GB
Interface : NVM Express
Standard : NVM Express 1.4
Transfer Mode : PCIe 3.0 x4 | PCIe 3.0 x4
Power On Hours : 6 hodin
Power On Count : 18 krát
Host Reads : 273 GB
Host Writes : 366 GB
Temperature : 33 C (91 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., TRIM, VolatileWriteCache
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Kritické varování
02 000000000132 Složená teplota
03 000000000064 Rezerva k dispozici
04 00000000000A Dostupná náhradní prahová hodnota
05 000000000000 Použité procento
06 00000008BE7E Čtení datových jednotek
07 0000000BB9BA Zapsané datové jednotky
08 0000004B24DF Příkazy pro hostitelské čtení
09 0000003CC72A Příkazy pro zápis hostitele
0A 000000000009 Čas obsazení řadiče
0B 000000000012 Napájecí cykly
0C 000000000006 Hodiny napájení
0D 00000000000B Nebezpečné vypnutí
0E 000000000000 Chyby v médiích a integritě dat
0F 000000000000 Počet položek protokolu chybových informací


Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Libor (Administrator) on 16.03.2022 at 22:14:56,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.03.2022 at 22:15:20,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Program : RogueKiller Anti-Malware
Version : 15.4.0.0
x64 : Yes
Program Date : Mar 7 2022
Location : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.19044) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : Libor
User is Admin : Yes
Date : 2022/03/16 21:10:34
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 7
Found items : 0
Total scanned : 922
Signatures Version : 20220314_105008
Truesight Driver : Yes
Updates Count : 0
Arguments : -minimize

************************* Warnings *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

Post by jaro3 » 16 Mar 2022 22:49

0D 00000000000B Nebezpečné vypnutí (Unsafe Shutdowns)
have you tried a different power supply?

Turn off the antivirus and firewall, RogueKiller, Malwarebytes Antimalware, Windows Defender.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7, 8 right-click it and choose „Spustit jako správce“ (Run as administrator)).
- Note: the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Click Run Script.
The program performs a scan and repair; the scan and the repair may take several minutes, so you need to wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart only a black screen may be shown for some time; that is normal. You need to wait until the log is created. You can save it to Documents, for example; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the EULA licence for using the program if it is offered.
If a program update is available, click the "Update now" button.
Close all open files, folders and browsers.
Do not change any settings. Click „Skenovat nyní“ (Scan now).
After the scan you can see whether there are any infections. Click „Vykonat“ (Execute, i.e. delete). The infections will be moved to quarantine.
When the scan is finished, click „zprávy“ (Reports) on the left and then „otevři zprávu“ (Open report) and copy the entire contents of that report here.

Post a new HJT log + report on the problems.

Maybe we will also do:
Download Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/

Leave the box that says
All unused RAM as it is.
- Click Start and let it run for at least 2 h; if it still shows 0 errors after 2 h, the memory is OK.
For larger RAM capacities Memtest has to be started several times: for 2GB (the single largest RAM capacity) 2x, for 4GB 3x, for 8GB 4x, etc.
Double-click Memtest, then again and again, enter 2048 in the boxes of all the Memtests, then click "Start" in all of them.

Post by karbi02 » 19 Mar 2022 17:08

The mouse problems have disappeared.... What is worse, the PC has started freezing. It mostly does it when it is completely idle, say twice a day. The Event Viewer does not record the exact time of the freeze, only the hard restart; there it shows the critical error Kernel Power 41, but that is probably the restart itself.... plus three more errors around it. I have not tried a different power supply, I don't have one. Memtest was fine.

Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  17.03.2022 21:14:17
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:18
Zkontrolované objekty    :  1811
Zjištěné objekty    :  1
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  12X 12th Gen Intel(R) Core(TM) i5-12400F
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  14A962350F723A6260B0FE


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\libor\appdata\roaming\mozilla\firefox\profiles\finb1osl.default-release\extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:FirefoxPlugin/{036a55b4-5e72-4d05-a06c-cba2dfcc134a}
Akce    :  Vymazat
-----------------------------------------------------------------------


Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Libor on 17.03.2022 at 20:43:43,92.
Microsoft Windows 10 Pro 10.0.19044 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Libor\Desktop\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.03.2022 20:45:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\Users\Libor\AppData\Roaming\Easeware deleted successfully
C:\Users\Libor\AppData\Local\PeerDistRepub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\prefs.js:
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\tele2zt2.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\tele2zt2.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\Libor\AppData\Local\cache deleted
"C:\ProgramData\UpdateLock-D78BF5DD33499EC2" deleted
"C:\DumpStack.log.tmp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\tele2zt2.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release
- short_ __MSG_short_name__ - %ProfilePath%\extensions\adblockultimate@adblockultimate.net.xpi
- short_ Hola VPN - %ProfilePath%\extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi
- __MSG_extensionName__ - %ProfilePath%\extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi
- short_ __MSG_name__ - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Libor\AppData\Roaming\Thunderbird\Profiles\tele2zt2.default-release
- Undetermined - D:\záloha thunderbird\s8rjd38d.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Extra Folder Columns - %ProfilePath%\extensions\extra-cols@jminta_gmail.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - [?]
- C:\Program Files x86\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - [?]


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\finb1osl.default-release\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=28 folders=188 15731188 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Libor\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Libor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 17.03.2022 at 20:55:33,01 ======================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:53:28, on 19.03.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Users\Libor\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX635FWD"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\Windows\System32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe
O23 - Service: AsusCertService - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
O23 - Service: AsusUpdateCheck - Unknown owner - C:\Windows\System32\AsusUpdateCheck.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_4aa45 - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DtsApo4Service - Unknown owner - C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: ROG Live Service - ASUSTek COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10536 bytes

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log - strange right mouse button behaviour

Post by jaro3 » 19 Mar 2022 18:06

If you have the option of swapping the power supply, give it a try.

Turn off the antivirus and firewall, Malwarebytes and RK.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Accept the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs appear, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

karbi02
Level 2.5
Posts: 383
Registered: March 07
Gender: Not specified
Status: Offline

Re: Please check my log - strange right mouse button behaviour

Post by karbi02 » 19 Mar 2022 18:21

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2022
Ran by Libor (19-03-2022 18:16:50)
Running from C:\Users\Libor\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1586 (X64) (2022-03-14 22:52:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2462690449-1114630332-3244458091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2462690449-1114630332-3244458091-503 - Limited - Disabled)
Guest (S-1-5-21-2462690449-1114630332-3244458091-501 - Limited - Disabled)
Libor (S-1-5-21-2462690449-1114630332-3244458091-1001 - Administrator - Enabled) => C:\Users\Libor
WDAGUtilityAccount (S-1-5-21-2462690449-1114630332-3244458091-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Disabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.10.2 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
CPUID ASUS CPU-Z 1.99 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.99 - CPUID, Inc.)
CrystalDiskInfo 8.15.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.15.2 - Crystal Dew World)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Dynamic Application Loader Host Interface Service (HKLM\...\{3FD9F3E6-059D-4E4D-8B5B-EBAE90CA882E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.0.23.0 - ESET, spol. s r.o.)
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 6.01 - Janos Mathe)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2149.16.0.2602 - Intel Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.46 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14931.20132 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.045.0227.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{5016990D-7F61-4A20-9451-A915D6616DD9}) (Version: 3.66.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 98.0.1 (x64 cs)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.7.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.7.0 (x64 cs)) (Version: 91.7.0 - Mozilla)
Odinstalace tiskárny EPSON BX635FWD Series (HKLM\...\EPSON BX635FWD Series) (Version: - SEIKO EPSON Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14931.20010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20072 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14931.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14026.20302 - Microsoft Corporation) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9254.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.3.12.0 - ASUSTek COMPUTER INC.)
Skype verze 8.82 (HKLM-x32\...\Skype_is1) (Version: 8.82 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
WinRAR 6.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.3 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-03-16] (Microsoft Corporation)
DTS Audio Processing -> C:\Program Files\WindowsApps\DTSInc.DTSAudioProcessing_1.10.2.0_x64__t5j2fzbtdg37r [2022-03-16] (DTS, Inc.)
HP Display Center -> C:\Program Files\WindowsApps\AD2F1837.HPDisplayCenter_1.0.44.0_x64__v10z8vjag6ke6 [2022-03-16] (HP Inc.) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.2180.0_x64__8wekyb3d8bbwe [2022-03-16] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj [2022-03-18] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncShell64.dll [2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-01-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-21 03:21 - 2021-04-21 03:21 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-10-05 12:17 - 2021-10-05 12:17 - 001711616 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:21 - 2021-04-21 03:21 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-03-17 20:45 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\Control Panel\Desktop\\Wallpaper -> c:\users\libor\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\hazenanoveveseli_barvainverzni_big (2).png
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F5D8F54E-C479-411C-A06D-1EAF1DC6586E}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{8694F602-48C3-48E8-BA9E-9DC25745DAB0}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7744E3F4-00D5-42EE-967C-BA929F2E4DF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DBF992E7-E913-494A-A10B-742D599982D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4E76DE4C-1A18-40FB-BE30-B32190077EFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01457F85-DE01-4D37-85A1-69B611376320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C69C9796-7A07-46A1-9B24-F2A7734EA641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{45FABDE8-A1E5-44B5-931C-99EFD368992D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D29B6093-E742-4125-AEA4-F1ECC4C5757E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE418B9-130B-476D-9CC1-DB1F5A7F6D79}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E5CF53CB-6AAF-4BAB-9730-46DA37536EB0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5B69891-2B41-4F85-BCB0-42A541A3DDB3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{851D4932-7163-4C0E-B303-CA5B68E3ACD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63152B7B-35AA-4A89-A7A9-81755011DCF9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{494C6DF1-0D4F-4440-9CAD-9371FF8FAFFE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4490131-BF75-4986-85EB-30D234DFC07B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D5D24FE9-CCB7-4615-82FD-FB62E323E5EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{51CFF2FF-BB53-4BDE-A9E2-114771C725B3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7883A8D7-9461-4BA0-9D87-D054E85B2966}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{820ADB29-0D82-4DBE-B4AE-E8C796DAB4B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{576C6554-6C4D-4B80-BCBB-20802506D43C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{2454CB13-ED19-4D47-8468-088E645E8F85}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{2D631386-475A-4D59-9974-4B81E1AB352A}] => (Allow) C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{4D9D8653-72C6-45A6-80CE-448563BD027E}] => (Allow) C:\Program Files\AMD\CNext\CNext\AMDLink.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

==================== Restore Points =========================

15-03-2022 19:38:11 Nainstalováno rozhraní DirectX
16-03-2022 22:14:56 JRT Pre-Junkware Removal
17-03-2022 19:22:47 Installed ACECAD DigiMemo Manager
17-03-2022 19:23:37 Removed ACECAD DigiMemo Manager
17-03-2022 20:45:09 zoek.exe restore point

==================== Faulty Device Manager Devices ============

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AMD Streaming Audio Device
Description: AMD Streaming Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: AMD
Service: AMDSAFD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Řadič RAID
Description: Řadič RAID
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/19/2022 02:10:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.22022.147.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d6c

Čas spuštění: 01d83b901fc6e6f7

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 5fb12856-753e-41cc-9d26-ffadfd4fdc12

Úplný název balíčku s chybou: Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/19/2022 01:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1ba8

Čas spuštění: 01d83b838cb2484e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

ID hlášení: c51ea471-5661-47c6-8b77-20af0e837fe9

Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/19/2022 01:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.22022.147.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2208

Čas spuštění: 01d83b838dc3a1ec

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe\YourPhone.exe

ID hlášení: 9df83066-dcfe-405b-804f-c9fe4cd3da16

Úplný název balíčku s chybou: Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/18/2022 01:57:56 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/18/2022 12:58:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RtkUWP.exe, verze: 1.29.256.0, časové razítko: 0x6142dd21
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1566, časové razítko: 0x0833f2d4
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x1494
Čas spuštění chybující aplikace: 0x01d83abf7b793851
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj\RtkUWP.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 385ba157-f762-498a-99ac-6f72354b915a
Úplný název chybujícího balíčku: RealtekSemiconductorCorp.RealtekAudioControl_1.29.256.0_x64__dt26b99r8h8gj
ID aplikace související s chybujícím balíčkem: App

Error: (03/17/2022 07:23:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/17/2022 07:23:14 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/17/2022 07:23:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (03/19/2022 04:49:07 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (03/19/2022 04:49:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (16:40:38, ‎19.‎03.‎2022) bylo neočekávané.

Error: (03/19/2022 12:21:57 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (03/19/2022 12:21:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:29:23, ‎19.‎03.‎2022) bylo neočekávané.

Error: (03/19/2022 07:25:51 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NOL41JG)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/18/2022 01:58:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NOL41JG)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/18/2022 01:31:26 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NOL41JG)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/18/2022 12:39:57 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.


Windows Defender:
================
Date: 2022-03-16 15:30:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {83613592-D1A1-4336-B59B-235B87C0461C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NOL41JG\Libor

Date: 2022-03-16 15:28:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/Donut.CIK!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.10614\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.11267\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.12510\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.15160\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.32360\Install.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOL41JG\Libor
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.361.81.0, AS: 1.361.81.0, NIS: 1.361.81.0
Verze modulu: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-03-16 15:28:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/Donut.CIK!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.10614\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.11267\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.12510\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.15160\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\Install.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOL41JG\Libor
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.361.81.0, AS: 1.361.81.0, NIS: 1.361.81.0
Verze modulu: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-03-16 15:28:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/Donut.CIK!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.10614\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.11267\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.12510\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.15160\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\ESET NOD32 Antivirus Premium.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOL41JG\Libor
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.361.81.0, AS: 1.361.81.0, NIS: 1.361.81.0
Verze modulu: AM: 1.1.19000.8, NIS: 1.1.19000.8

Date: 2022-03-16 15:28:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/Donut.CIK!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.10614\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.11267\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.12510\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.15160\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\Install.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOL41JG\Libor
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: AV: 1.361.81.0, AS: 1.361.81.0, NIS: 1.361.81.0
Verze modulu: AM: 1.1.19000.8, NIS: 1.1.19000.8
Event[0]:

Date: 2022-03-16 15:36:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2022-03-19 18:15:36
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1013 01/28/2022
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B660M-PLUS D4
Processor: 12th Gen Intel(R) Core(TM) i5-12400F
Percentage of memory in use: 34%
Total physical RAM: 16197.42 MB
Available physical RAM: 10634.15 MB
Total Virtual: 19141.42 MB
Available Virtual: 10793.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.03 GB) (Free:142.29 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:687.37 GB) (Free:562.85 GB) NTFS

\\?\Volume{7a473c45-dfc7-44cc-a57c-1b66615da843}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================


Re: Please check my log - strange right mouse button behaviour

Post by karbi02 » 19 Mar 2022 18:23

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Ran by Libor (administrator) on DESKTOP-NOL41JG (ASUS System Product Name) (19-03-2022 18:16:19)
Running from C:\Users\Libor\Desktop
Loaded Profiles: Libor
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1586 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Libor\AppData\Local\Temp\Rar$EXa7504.40469\OpenHardwareMonitor\OpenHardwareMonitor.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe [1376856 2021-10-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2022-01-13] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2619296 2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116058488 2022-03-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2462690449-1114630332-3244458091-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE [241280 2012-07-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON BX635FWD Series 64MonitorBE: C:\Windows\system32\E_YLMHVE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B183869-2DC3-4CB0-A8C9-EF6CB96B5CD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {12EA9857-D6D4-4A21-9959-E78E67189654} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {187840F9-51CC-48AF-8C31-3044F42692EB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {24825C10-BEC1-4CC2-BDC7-8CF37B6D1140} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {35EFFAC9-E2D9-44BC-8D7C-966313EE8107} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C4E4006-9047-4417-805D-BBE48899D28B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {664D08BD-A2FC-4542-9284-05EBDEB48895} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200344 2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D8F8EF4-8A8E-4BB2-B6F1-2FBB4720481B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7023E3A8-C55D-4F99-90E2-1CEE65381044} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2462690449-1114630332-3244458091-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4200344 2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {713CAC89-F4C5-41D0-8E4F-526CC8B31E10} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {73843504-4566-4AAE-97D8-C6D8EABEDE90} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8B772575-AE5F-4138-985E-E01B66E89F28} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {8CC4C4C0-C355-4ABC-A589-2F3DEA7DF2DE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8F87A14E-AF61-4EA2-AA18-20158534BDB7} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.46\Installer\setup.exe [3192248 2022-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A895914E-0AB3-4283-AC1C-543A25D84B41} - System32\Tasks\CCleanerSkipUAC - Libor => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BE157395-99FE-47B8-8514-2AAC8B0785D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E10A835A-E80B-444D-BF78-E56CE0459CC5} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Libor => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [6103432 2022-03-14] (Janos Mathe -> H.D.S. Hungary)
Task: {E24143E0-10A2-4877-8930-E002DCBE2690} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-10-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {ED51ED4C-7C8E-40E9-A3AF-96D219596F46} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{8d9f027e-47f5-4b93-adb4-152254b62e36}: [DhcpNameServer] 10.0.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Libor\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-19]

FireFox:
========
FF DefaultProfile: r7he0pi9.default
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\r7he0pi9.default [2022-03-14]
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release [2022-03-19]
FF NewTab: Mozilla\Firefox\Profiles\finb1osl.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\finb1osl.default-release -> hxxps://www.tipli.cz; hxxps://www.euautodily.cz; hxxps://james.darpinian.com; hxxps://www.instagram.com
FF Extension: (AdBlocker Ultimate) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-10]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2021-08-06]
FF Extension: (No Name) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-03-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [179488 2021-09-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2022-03-19] (ASUSTeK Computer Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-02-27] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [224680 2021-09-22] (DTS, Inc. -> DTS Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2022-01-13] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.045.0227.0004\FileSyncHelper.exe [3382176 2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.045.0227.0004\OneDriveUpdaterService.exe [3861400 2022-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6108336 2022-02-14] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-11-30] (Intel Corporation -> Intel Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0372545.inf_amd64_56d459236871c3f2\B372333\amdkmdag.sys [80510864 2021-10-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43192 2021-09-16] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [184464 2022-01-13] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [122944 2022-01-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2022-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [201976 2022-01-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43904 2022-01-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [69704 2022-01-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110560 2022-01-13] (ESET, spol. s r.o. -> ESET)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Users\Libor\AppData\Local\Temp\Rar$EXa7504.40469\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2022-03-19] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-19 18:16 - 2022-03-19 18:16 - 000017910 _____ C:\Users\Libor\Desktop\FRST.txt
2022-03-19 18:16 - 2022-03-19 18:16 - 000000000 ____D C:\FRST
2022-03-19 18:14 - 2022-03-19 18:14 - 002364928 _____ (Farbar) C:\Users\Libor\Desktop\FRST64.exe
2022-03-19 18:11 - 2022-03-19 18:13 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2022-03-19 18:11 - 2022-03-19 18:11 - 000001160 _____ C:\Users\Libor\Desktop\Hard Disk Sentinel.lnk
2022-03-19 18:11 - 2022-03-19 18:11 - 000000000 ____D C:\Windows\system32\Tasks\HardDiskSentinel
2022-03-19 18:11 - 2022-03-19 18:11 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Hard Disk Sentinel
2022-03-19 18:11 - 2022-03-19 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2022-03-19 18:09 - 2022-03-19 18:10 - 036211706 _____ C:\Users\Libor\Downloads\hdsentinel_trial_setup.zip
2022-03-19 17:48 - 2022-03-19 17:48 - 000503277 _____ C:\Users\Libor\Downloads\openhardwaremonitor-v0.9.6.zip
2022-03-19 11:09 - 2022-03-19 11:09 - 000000286 _____ C:\Users\Libor\Desktop\httpsdocs.google.comspreadsheetsd1zxauif95w5CxODWKChSk7CuiXQlsB7q3Tw5rHOVZoJceditusp=sharing.URL
2022-03-19 09:30 - 2022-03-19 09:30 - 000002046 _____ C:\Users\Libor\Desktop\dreamboxEDIT.lnk
2022-03-19 09:30 - 2022-03-19 09:30 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
2022-03-19 09:30 - 2022-03-19 09:30 - 000000000 ____D C:\Program Files (x86)\dreamboxEDIT
2022-03-19 09:28 - 2009-05-03 13:12 - 006640128 _____ (BernyR) C:\Users\Libor\Desktop\DCC.exe
2022-03-19 09:26 - 2022-03-19 09:26 - 009116866 _____ C:\Users\Libor\Downloads\dreamboxEDIT_setup_7.2.1.0.zip
2022-03-19 09:23 - 2022-03-19 09:28 - 004186154 _____ C:\Users\Libor\Downloads\dcc296(1).zip
2022-03-19 09:23 - 2022-03-19 09:23 - 004188532 _____ C:\Users\Libor\Downloads\dcc296.zip
2022-03-19 09:23 - 2022-03-19 09:23 - 003870712 _____ (Informer Technologies, Inc. ) C:\Users\Libor\Downloads\siinst.exe
2022-03-18 21:09 - 2022-03-18 21:09 - 000001007 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2022-03-18 21:09 - 2022-03-18 21:09 - 000000000 ____D C:\Program Files (x86)\epson
2022-03-18 21:09 - 2012-07-24 00:00 - 000466432 _____ (Seiko Epson Corporation) C:\Windows\system32\esxw2ud.dll
2022-03-18 21:09 - 2009-10-16 00:00 - 000132560 _____ (Seiko Epson Corporation) C:\Windows\system32\esdevapp.exe
2022-03-18 21:09 - 2009-10-16 00:00 - 000013824 _____ (Seiko Epson Corporation) C:\Windows\system32\esxcdev.dll
2022-03-18 21:07 - 2022-03-18 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2022-03-18 21:07 - 2022-03-18 21:07 - 000000000 ____D C:\Program Files\Common Files\EPSON
2022-03-18 21:07 - 2011-04-20 03:03 - 000120320 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMHVE.DLL
2022-03-18 21:07 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BHVE.DLL
2022-03-18 21:07 - 2007-04-10 01:06 - 000010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2022-03-18 21:06 - 2022-03-18 21:07 - 000000000 ____D C:\ProgramData\EPSON
2022-03-18 21:06 - 2022-03-18 21:06 - 022068800 _____ C:\Users\Libor\Downloads\Epson-Stylus-Office-BX635FWD-printer-driver-Windows-64-bit.exe
2022-03-18 13:32 - 2021-10-20 17:55 - 000276856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2022-03-18 13:32 - 2021-10-20 17:55 - 000231288 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2022-03-18 13:32 - 2021-10-20 17:54 - 006539840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2022-03-18 13:32 - 2021-10-20 17:41 - 049217966 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2022-03-18 13:28 - 2022-03-18 13:28 - 097937315 _____ C:\Users\Libor\Downloads\Realtek_Audio_Driver_V6.0.9254.1_WIN10_WIN11_64-bit.zip
2022-03-18 12:59 - 2022-03-18 12:59 - 000000000 ____D C:\Users\Libor\AppData\Local\ElevatedDiagnostics
2022-03-17 21:16 - 2022-03-17 21:16 - 000001153 _____ C:\Users\Libor\Desktop\Zemana.txt
2022-03-17 21:13 - 2022-03-18 13:59 - 000057379 _____ C:\Windows\ZAM.krnl.trace
2022-03-17 21:13 - 2022-03-17 21:13 - 000000000 ____D C:\Users\Libor\AppData\Local\Zemana
2022-03-17 21:12 - 2022-03-18 13:59 - 000000000 ____D C:\Users\Libor\AppData\Local\AMSDK
2022-03-17 21:11 - 2022-03-17 21:11 - 013922376 _____ (Zemana Ltd. ) C:\Users\Libor\Desktop\AntiMalware_Setup.exe
2022-03-17 21:02 - 2022-03-17 21:02 - 000000000 _____ C:\ProgramData\UpdateLock-D78BF5DD33499EC2
2022-03-17 21:00 - 2022-03-17 21:00 - 000000000 ____D C:\Users\Libor\AppData\Local\cache
2022-03-17 20:57 - 2022-03-17 20:58 - 000023998 _____ C:\Users\Libor\Desktop\Zoek.txt
2022-03-17 20:55 - 2022-03-17 20:55 - 000000000 ____D C:\Users\Libor\AppData\Local\PeerDistRepub
2022-03-17 20:54 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2022-03-17 20:43 - 2022-03-17 20:52 - 000000000 ____D C:\zoek_backup
2022-03-17 20:43 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Libor\Desktop\zoek1
2022-03-17 20:42 - 2022-03-17 20:42 - 003744640 _____ C:\Users\Libor\Downloads\winrar-x64-610b3cz.exe
2022-03-17 20:42 - 2022-03-17 20:42 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 20:42 - 2022-03-17 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-17 20:38 - 2022-03-17 20:39 - 001800862 _____ C:\Users\Libor\Downloads\zoek1.rar
2022-03-17 19:22 - 2022-03-17 19:22 - 000000000 ____D C:\Users\Libor\Desktop\DigiMemoManager-V2.70S-Release-20110512
2022-03-17 17:14 - 2022-03-19 07:25 - 000000000 ____D C:\Users\Libor\AppData\Local\CrashDumps
2022-03-17 12:33 - 2022-03-17 12:33 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2022-03-16 22:52 - 2022-03-16 22:52 - 000017671 _____ C:\Users\Libor\Downloads\MemTest.zip
2022-03-16 22:16 - 2022-03-16 22:17 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-03-16 22:16 - 2022-03-16 22:16 - 004628000 _____ (Crystal Dew World ) C:\Users\Libor\Downloads\CrystalDiskInfo8_15_2.exe
2022-03-16 22:16 - 2022-03-16 22:16 - 000001828 _____ C:\Users\Libor\Desktop\CrystalDiskInfo.lnk
2022-03-16 22:16 - 2022-03-16 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-03-16 22:13 - 2022-03-16 22:13 - 001790024 _____ (Malwarebytes) C:\Users\Libor\Desktop\JRT.exe
2022-03-16 22:05 - 2022-03-16 22:06 - 042624352 _____ (Adlice Software ) C:\Users\Libor\Desktop\RogueKiller_setup.exe
2022-03-16 21:20 - 2022-03-16 21:20 - 000000000 ____D C:\Users\Libor\AppData\Local\mbam
2022-03-16 21:18 - 2022-03-16 21:18 - 002443448 _____ (Malwarebytes) C:\Users\Libor\Downloads\MBSetup(1).exe
2022-03-16 21:18 - 2022-03-16 21:18 - 002443448 _____ (Malwarebytes) C:\Users\Libor\Desktop\MBSetup.exe
2022-03-16 21:16 - 2022-03-16 21:16 - 000000000 ____D C:\AdwCleaner
2022-03-16 21:14 - 2022-03-16 21:14 - 008540344 _____ (Malwarebytes) C:\Users\Libor\Desktop\AdwCleaner.exe
2022-03-16 21:11 - 2022-03-16 21:11 - 000448512 _____ (OldTimer Tools) C:\Users\Libor\Downloads\TFC.exe
2022-03-16 21:11 - 2022-03-16 21:11 - 000448512 _____ (OldTimer Tools) C:\Users\Libor\Downloads\TFC(1).exe
2022-03-16 21:09 - 2022-03-16 21:09 - 000050688 _____ (Atribune.org) C:\Users\Libor\Downloads\ATF-Cleaner.exe
2022-03-16 20:26 - 2022-03-16 20:26 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-03-16 20:26 - 2022-03-16 20:26 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Libor
2022-03-16 20:26 - 2022-03-16 20:26 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-03-16 20:25 - 2022-03-16 20:25 - 037889344 _____ (Piriform Software Ltd) C:\Users\Libor\Downloads\ccsetup591.exe
2022-03-16 20:24 - 2022-03-16 20:24 - 000388608 _____ (Trend Micro Inc.) C:\Users\Libor\Downloads\hijackthis.exe
2022-03-16 17:31 - 2022-03-16 17:32 - 030298985 _____ (The qBittorrent project) C:\Users\Libor\Downloads\qbittorrent_4.4.1_x64_setup.exe
2022-03-16 16:47 - 2022-03-19 10:26 - 000000000 ____D C:\Program Files (x86)\Steam
2022-03-16 16:47 - 2022-03-16 16:47 - 001770744 _____ C:\Users\Libor\Downloads\SteamSetup.exe
2022-03-16 16:47 - 2022-03-16 16:47 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2022-03-16 16:44 - 2022-03-19 12:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-03-16 16:26 - 2022-03-18 20:23 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-03-16 16:26 - 2022-03-18 20:23 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2022-03-16 16:24 - 2022-03-16 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-03-16 16:24 - 2022-03-16 16:24 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-03-16 16:12 - 2022-03-16 16:22 - 4114393088 _____ C:\Users\Libor\Downloads\ProPlus2019Retail.img
2022-03-16 16:11 - 2022-03-16 16:11 - 000012320 _____ C:\Users\Libor\Downloads\Office2019 Konvertor.cmd
2022-03-16 15:50 - 2022-03-17 19:43 - 000000000 ____D C:\ProgramData\ManiaPlanet
2022-03-16 15:50 - 2022-03-16 16:02 - 000000000 ____D C:\Program Files (x86)\ManiaPlanet
2022-03-16 15:50 - 2022-03-16 15:50 - 000001156 _____ C:\Users\Public\Desktop\ManiaPlanet.lnk
2022-03-16 15:50 - 2022-03-16 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet
2022-03-16 15:46 - 2022-03-16 15:46 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2022-03-16 15:46 - 2022-03-16 15:46 - 000000000 ____D C:\Program Files\Reference Assemblies
2022-03-16 15:46 - 2022-03-16 15:46 - 000000000 ____D C:\Program Files\MSBuild
2022-03-16 15:46 - 2022-03-16 15:46 - 000000000 ____D C:\Program Files (x86)\MSBuild
2022-03-16 15:39 - 2022-03-16 15:39 - 000002016 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2022-03-16 15:38 - 2022-03-16 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-03-16 15:38 - 2022-03-16 15:38 - 000000000 ____D C:\ProgramData\ESET
2022-03-16 15:38 - 2022-03-16 15:38 - 000000000 ____D C:\Program Files\ESET
2022-03-16 15:35 - 2022-03-16 15:35 - 008428192 _____ (ESET) C:\Users\Libor\Downloads\eset_internet_security_live_installer(1).exe
2022-03-16 15:27 - 2022-03-19 16:51 - 000000000 ____D C:\Program Files\CCleaner
2022-03-16 15:27 - 2022-03-16 20:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-16 15:27 - 2022-03-16 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-03-16 15:06 - 2022-03-16 15:06 - 000000000 ____D C:\Users\Libor\AppData\Local\DESlock+
2022-03-16 13:45 - 2022-03-17 20:42 - 000000000 ____D C:\Program Files\WinRAR
2022-03-16 13:45 - 2022-03-16 13:45 - 000000000 ____D C:\Users\Libor\AppData\Roaming\WinRAR
2022-03-15 22:17 - 2022-03-15 22:17 - 000000000 ____D C:\Users\Libor\AppData\Local\OneDrive
2022-03-15 22:16 - 2022-03-15 22:16 - 000000000 ___HD C:\OneDriveTemp
2022-03-15 22:15 - 2022-03-15 22:15 - 000000112 ___SH C:\bootTel.dat
2022-03-15 21:53 - 2022-03-15 21:53 - 000000000 ___RD C:\Users\Default\OneDrive
2022-03-15 21:52 - 2022-03-16 16:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-15 21:09 - 2022-03-16 16:52 - 000000219 _____ C:\Users\Libor\Desktop\Counter-Strike Global Offensive.url
2022-03-15 21:09 - 2022-03-16 15:31 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-03-15 21:05 - 2022-03-15 21:05 - 000000000 ____D C:\Users\Libor\AppData\Local\Steam
2022-03-15 21:05 - 2022-03-15 21:05 - 000000000 ____D C:\Users\Libor\AppData\Local\CEF
2022-03-15 21:04 - 2022-03-16 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2022-03-15 20:33 - 2022-03-15 20:33 - 000000000 ____D C:\Users\Libor\Documents\výsledky voda
2022-03-15 20:33 - 2022-03-15 20:33 - 000000000 ____D C:\Users\Libor\Documents\voda
2022-03-15 20:32 - 2022-03-15 20:32 - 000000000 ____D C:\Users\Libor\Documents\Trackmania2020
2022-03-15 20:32 - 2022-03-15 20:32 - 000000000 ____D C:\Users\Libor\Documents\BusinessCardsMX templates
2022-03-15 20:31 - 2022-03-16 15:31 - 000000000 ___RD C:\Users\Libor\Documents\Scanned Documents
2022-03-15 20:31 - 2022-03-16 15:31 - 000000000 ____D C:\Users\Libor\Documents\TrackMania
2022-03-15 20:31 - 2022-03-15 20:31 - 000000000 ____D C:\Users\Libor\Documents\scanner
2022-03-15 20:31 - 2022-03-15 20:31 - 000000000 ____D C:\Users\Libor\Documents\samsung
2022-03-15 20:31 - 2022-03-15 20:31 - 000000000 ____D C:\Users\Libor\Documents\ProfileCache
2022-03-15 20:31 - 2022-03-15 20:31 - 000000000 ____D C:\Users\Libor\Documents\My Games
2022-03-15 20:30 - 2022-03-16 15:31 - 000000000 ____D C:\Users\Libor\Documents\Euro Truck Simulator 2
2022-03-15 20:30 - 2022-03-15 20:30 - 000000000 ____D C:\Users\Libor\Documents\Formuler
2022-03-15 20:30 - 2022-03-15 20:30 - 000000000 ____D C:\Users\Libor\Documents\DyingLight
2022-03-15 20:30 - 2022-03-15 20:30 - 000000000 ____D C:\Users\Libor\Documents\dreamboxEDIT
2022-03-15 20:29 - 2022-03-16 15:31 - 000000000 ____D C:\Users\Libor\Downloads\ESET Smart Security & NOD32 Antivirus 8.0.319.1 (x86,x64)(CZ)
2022-03-15 20:29 - 2022-01-15 19:44 - 000067737 _____ C:\Users\Libor\Downloads\prihlaska-ss-2526.pdf
2022-03-15 20:29 - 2021-11-24 18:26 - 000026507 _____ C:\Users\Libor\Downloads\Vstupenky_arctic_monkeys.pdf
2022-03-15 20:29 - 2021-09-29 19:42 - 002646231 _____ C:\Users\Libor\Downloads\KOD-085-3---MAY,-Karl---Vinnetou-III.epub
2022-03-15 20:29 - 2021-09-29 19:42 - 000922387 _____ C:\Users\Libor\Downloads\KOD-085-2---MAY,-Karl---Vinnetou-II.epub
2022-03-15 20:29 - 2021-09-29 19:41 - 002899689 _____ C:\Users\Libor\Downloads\KOD-085-1---MAY,-Karl---Vinnetou-I.epub
2022-03-15 20:29 - 2021-08-19 20:22 - 000018888 _____ C:\Users\Libor\Downloads\elektronickeodesilani-fnmotol-cz-137670.zip
2022-03-15 20:29 - 2020-01-12 17:52 - 001877051 _____ C:\Users\Libor\Downloads\E150iFW_cz_v3_033_01_wifi.zip
2022-03-15 20:29 - 2020-01-12 12:58 - 000455795 _____ C:\Users\Libor\Downloads\Elcom_USB_driver_CZ.zip
2022-03-15 20:29 - 2017-03-23 13:42 - 000073466 _____ C:\Users\Libor\Downloads\Jak na to u Arivy 30102016(2).txt
2022-03-15 20:29 - 2017-03-21 14:20 - 000073466 _____ C:\Users\Libor\Downloads\Jak na to u Arivy 30102016.txt
2022-03-15 20:29 - 2017-03-01 14:23 - 002352485 _____ C:\Users\Libor\Downloads\UM_E150-FLexy_cz.pdf
2022-03-15 20:28 - 2022-03-15 20:28 - 000000000 ___HD C:\$Windows.~WS
2022-03-15 20:28 - 2022-03-15 20:28 - 000000000 ____D C:\$WINDOWS.~BT
2022-03-15 19:40 - 2022-03-17 20:22 - 000000000 ____D C:\Users\Libor\Documents\ManiaPlanet
2022-03-15 19:40 - 2022-03-15 19:40 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2022-03-15 19:05 - 2022-03-19 16:54 - 000000000 ____D C:\ProgramData\Mozilla
2022-03-15 19:05 - 2022-03-15 19:23 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Thunderbird
2022-03-15 19:05 - 2022-03-15 19:05 - 000000000 ____D C:\Users\Libor\AppData\Local\Thunderbird
2022-03-15 19:04 - 2022-03-15 19:04 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-03-15 19:04 - 2022-03-15 19:04 - 000001043 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2022-03-15 19:04 - 2022-03-15 19:04 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-03-15 19:03 - 2022-03-15 19:03 - 056761016 _____ (Mozilla) C:\Users\Libor\Downloads\Thunderbird Setup 91.7.0.exe
2022-03-15 18:56 - 2022-03-16 20:36 - 000000000 ____D C:\Users\Libor\AppData\Local\PlaceholderTileLogoFolder
2022-03-15 18:26 - 2022-03-15 18:26 - 000000000 ____D C:\Users\Libor\Tracing
2022-03-15 18:25 - 2022-03-15 18:25 - 087077376 _____ (Skype Technologies S.A.) C:\Users\Libor\Downloads\Skype-8.82.0.403.exe
2022-03-15 18:25 - 2022-03-15 18:25 - 000001383 _____ C:\Users\Public\Desktop\Skype.lnk
2022-03-15 18:25 - 2022-03-15 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-03-14 23:57 - 2022-03-19 16:56 - 001693656 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-14 23:56 - 2022-03-19 16:49 - 000000000 ___RD C:\Users\Libor\OneDrive
2022-03-14 23:56 - 2022-03-14 23:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-03-14 23:54 - 2022-03-18 13:59 - 000000000 ____D C:\Users\Libor\AppData\Local\Packages
2022-03-14 23:54 - 2022-03-16 20:24 - 000000000 ____D C:\Users\Libor\AppData\Local\VirtualStore
2022-03-14 23:54 - 2022-03-16 15:32 - 000000000 ____D C:\Users\Libor\AppData\Local\ConnectedDevicesPlatform
2022-03-14 23:54 - 2022-03-14 23:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-03-14 23:54 - 2022-03-14 23:54 - 000000000 ___RD C:\Users\Libor\3D Objects
2022-03-14 23:54 - 2022-03-14 23:54 - 000000000 ____D C:\Windows\CSC
2022-03-14 23:54 - 2022-03-14 23:54 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Adobe
2022-03-14 23:54 - 2022-03-14 23:54 - 000000000 ____D C:\Users\Libor\AppData\Local\Publishers
2022-03-14 23:54 - 2022-03-14 18:20 - 000000000 ____D C:\ProgramData\Packages
2022-03-14 23:53 - 2022-03-19 16:49 - 000000000 ____D C:\Users\Libor
2022-03-14 23:53 - 2022-03-14 23:53 - 000000020 ___SH C:\Users\Libor\ntuser.ini
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Šablony
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Soubory cookie
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Poslední
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Okolní tiskárny
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Okolní síť
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Nabídka Start
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Dokumenty
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Documents\Obrázky
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Documents\Hudba
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Documents\Filmy
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\Data aplikací
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-03-14 23:53 - 2022-03-14 23:53 - 000000000 _SHDL C:\Users\Libor\AppData\Local\Data aplikací
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Šablony
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Poslední
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Okolní síť
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Dokumenty
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\Data aplikací
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Šablony
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Plocha
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-03-14 23:52 - 2022-03-14 23:52 - 000000000 _SHDL C:\Documents and Settings
2022-03-14 23:51 - 2022-03-19 18:11 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-14 23:51 - 2022-03-19 18:11 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-14 23:51 - 2022-03-19 16:49 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2022-03-14 23:51 - 2022-03-19 16:49 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2022-03-14 23:51 - 2022-03-19 16:49 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-14 23:51 - 2022-03-19 16:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-14 23:51 - 2022-03-19 16:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-03-14 23:51 - 2022-03-16 16:43 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2022-03-14 23:51 - 2022-03-16 15:28 - 000000000 ____D C:\Windows\Panther
2022-03-14 23:51 - 2022-03-16 15:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-03-14 23:51 - 2022-03-14 23:51 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-03-14 23:51 - 2022-03-14 23:51 - 000000000 ____D C:\Windows\ServiceProfiles
2022-03-14 23:51 - 2022-03-14 18:24 - 000000000 ____D C:\ProgramData\ASUS
2022-03-14 23:51 - 2022-03-14 17:06 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-14 23:51 - 2022-03-14 17:06 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-14 18:41 - 2022-03-19 16:49 - 000003118 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2022-03-14 18:41 - 2022-03-19 16:49 - 000003078 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2022-03-14 18:41 - 2022-03-14 18:41 - 000003488 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2022-03-14 18:41 - 2022-03-14 18:41 - 000003160 _____ C:\Windows\system32\Tasks\StartCN
2022-03-14 18:41 - 2022-03-14 18:41 - 000003080 _____ C:\Windows\system32\Tasks\StartDVR
2022-03-14 18:41 - 2022-03-14 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2022-03-14 18:41 - 2022-03-14 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Link For Windows
2022-03-14 18:41 - 2022-03-14 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2022-03-14 18:41 - 2021-10-05 17:45 - 002414080 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 001868664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 001868664 _____ C:\Windows\system32\vulkaninfo.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 001448312 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 001448312 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 001115184 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 001115184 _____ C:\Windows\system32\vulkan-1.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000967864 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000967864 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000796552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000673664 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000556936 _____ C:\Windows\system32\GameManager64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000500080 _____ C:\Windows\system32\dgtrayicon.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 000490864 _____ C:\Windows\system32\EEURestart.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 000418160 _____ C:\Windows\SysWOW64\GameManager32.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000343408 _____ C:\Windows\system32\clinfo.exe
2022-03-14 18:40 - 2021-10-14 04:33 - 000201096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000180600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000178024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000157552 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000142200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000140656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000090496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000075120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000046456 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000043384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000027936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2022-03-14 18:40 - 2021-10-14 04:33 - 000027920 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 084045704 _____ C:\Windows\system32\amd_comgr.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 069093768 _____ C:\Windows\SysWOW64\amd_comgr32.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 001536376 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiacm64.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 001394544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 001394544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000847728 _____ (AMD) C:\Windows\system32\atieclxx.exe
2022-03-14 18:40 - 2021-10-14 04:32 - 000524144 _____ C:\Windows\system32\atieah64.exe
2022-03-14 18:40 - 2021-10-14 04:32 - 000468344 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000392568 _____ C:\Windows\SysWOW64\atieah32.exe
2022-03-14 18:40 - 2021-10-14 04:32 - 000259952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000218992 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000201440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000166264 _____ (AMD) C:\Windows\system32\atimuixx.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000165360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000149896 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000138608 _____ C:\Windows\system32\atidxx64.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000137056 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000133000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000130952 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000113032 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000112480 _____ C:\Windows\SysWOW64\atidxx32.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000109432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2022-03-14 18:40 - 2021-10-14 04:32 - 000070000 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 069808528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 001712176 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 001388160 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000941448 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000768888 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000556936 _____ C:\Windows\system32\amdgfxinfo64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000548320 _____ C:\Windows\system32\amdmiracast.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000466312 _____ C:\Windows\system32\amdlogum.exe
2022-03-14 18:40 - 2021-10-14 04:31 - 000420216 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000178264 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000159464 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000149064 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000149056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000134744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000120128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2022-03-14 18:40 - 2021-10-14 04:31 - 000120128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2022-03-14 18:40 - 2021-10-14 04:01 - 058447000 _____ C:\Windows\system32\amdxc64.so
2022-03-14 18:40 - 2021-10-14 04:01 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2022-03-14 18:40 - 2021-10-14 04:01 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2022-03-14 18:40 - 2021-10-14 04:01 - 000562656 _____ C:\Windows\SysWOW64\atiapfxx.blb
2022-03-14 18:40 - 2021-10-14 04:01 - 000562656 _____ C:\Windows\system32\atiapfxx.blb
2022-03-14 18:40 - 2021-08-17 17:34 - 000065168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdxe.sys
2022-03-14 18:40 - 2021-08-03 06:55 - 000246200 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdWT6.sys
2022-03-14 18:40 - 2021-07-30 13:17 - 000601984 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrsr.exe
2022-03-14 18:40 - 2021-07-30 13:17 - 000164224 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendr.sys
2022-03-14 18:40 - 2021-07-30 13:17 - 000041376 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendrmgr.sys
2022-03-14 18:38 - 2022-03-17 20:20 - 000000000 ____D C:\Users\Libor\AppData\Local\AMD_Common
2022-03-14 18:38 - 2022-03-14 18:41 - 000000000 ____D C:\ProgramData\AMD
2022-03-14 18:38 - 2022-03-14 18:38 - 039063488 _____ (AMD Inc.) C:\Users\Libor\Downloads\radeon-software-adrenalin-2020-22.2.3-minimalsetup-220224_web.exe
2022-03-14 18:38 - 2022-03-14 18:38 - 000000000 ____D C:\Users\Libor\AppData\Local\RadeonInstaller
2022-03-14 18:38 - 2022-03-14 18:38 - 000000000 ____D C:\AMD
2022-03-14 18:34 - 2022-03-19 16:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-14 18:34 - 2022-03-19 16:54 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\Mozilla
2022-03-14 18:34 - 2022-03-16 15:31 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-03-14 18:34 - 2022-03-16 15:31 - 000000000 ____D C:\Users\Libor\AppData\Local\Mozilla
2022-03-14 18:34 - 2022-03-16 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-14 18:34 - 2022-03-15 19:05 - 000000000 ____D C:\Users\Libor\AppData\Roaming\Mozilla
2022-03-14 18:34 - 2022-03-14 18:34 - 000333896 _____ (Mozilla) C:\Users\Libor\Downloads\Firefox Installer.exe
2022-03-14 18:34 - 2022-03-14 18:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-14 18:34 - 2022-03-14 18:34 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-03-14 18:34 - 2022-03-14 18:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-14 18:10 - 2022-03-14 18:09 - 001151992 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2022-03-14 18:06 - 2022-03-14 18:06 - 000000000 ____D C:\Users\Libor\AppData\Local\ESET
2022-03-14 18:02 - 2022-03-14 18:02 - 000000061 _____ C:\Windows\skipsavetoini
2022-03-14 17:59 - 2022-03-14 18:07 - 000000000 ____D C:\Program Files (x86)\ASUS
2022-03-14 17:59 - 2021-09-16 15:25 - 000151608 _____ (©ASUSTeK Computer Inc.) C:\Windows\system32\AsIO3.dll
2022-03-14 17:59 - 2021-09-16 15:25 - 000123744 _____ (©ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsIO3.dll
2022-03-14 17:59 - 2021-09-16 15:25 - 000043192 _____ C:\Windows\system32\Drivers\AsIO3.sys
2022-03-14 17:58 - 2022-03-14 17:58 - 000000977 _____ C:\Users\Public\Desktop\CPUID ASUS CPU-Z.lnk
2022-03-14 17:58 - 2022-03-14 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-03-14 17:58 - 2022-03-14 17:58 - 000000000 ____D C:\Program Files\CPUID
2022-03-14 17:49 - 2022-03-18 13:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-03-14 17:44 - 2022-03-18 14:04 - 000000000 ____D C:\ProgramData\UWP
2022-03-14 17:43 - 2022-03-14 17:43 - 000000000 ____D C:\Windows\system32\DTS
2022-03-14 17:39 - 2022-03-18 13:42 - 000000000 ___HD C:\Program Files (x86)\Temp
2022-03-14 17:39 - 2022-03-14 18:11 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-03-14 17:39 - 2022-03-14 17:38 - 002875968 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2022-03-14 17:37 - 2022-03-14 17:37 - 000000000 ____D C:\Users\Libor\Intel
2022-03-14 17:37 - 2022-03-14 17:37 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045}
2022-03-14 17:37 - 2022-03-14 17:37 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5}
2022-03-14 17:37 - 2022-03-14 17:37 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}
2022-03-14 17:37 - 2022-03-14 17:37 - 000000000 ____D C:\Program Files (x86)\Intel
2022-03-14 17:16 - 2022-03-14 17:16 - 000000000 ____D C:\Windows\SystemTemp
2022-03-14 17:12 - 2022-03-19 18:11 - 000004782 _____ C:\Windows\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask
2022-03-14 17:12 - 2022-03-14 17:13 - 008428192 _____ (ESET) C:\Users\Libor\Downloads\eset_internet_security_live_installer.exe
2022-03-14 17:12 - 2022-03-14 17:12 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-03-14 17:12 - 2022-03-14 17:12 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-03-14 17:12 - 2022-03-14 17:12 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-03-14 17:12 - 2022-03-14 17:12 - 000195584 _____ C:\Windows\system32\uwfcfgmgmt.dll
2022-03-14 17:12 - 2022-03-14 17:12 - 000011911 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-03-14 17:11 - 2022-03-17 11:35 - 000000000 ____D C:\Users\Libor\AppData\Local\Comms
2022-03-14 17:11 - 2022-03-14 17:11 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-03-14 17:11 - 2022-03-14 17:11 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2022-03-14 17:11 - 2022-03-14 17:11 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-03-14 17:11 - 2022-03-14 17:11 - 000272896 _____ C:\Windows\system32\TpmTool.exe
2022-03-14 17:11 - 2022-03-14 17:11 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-03-14 17:11 - 2022-03-14 17:11 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-03-14 17:11 - 2022-03-14 17:11 - 000000000 ____D C:\Users\Libor\AppData\LocalLow\AMD
2022-03-14 17:09 - 2022-03-14 17:09 - 000000000 ___HD C:\$WinREAgent
2022-03-14 17:07 - 2022-03-18 20:23 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2462690449-1114630332-3244458091-1001
2022-03-14 17:05 - 2022-03-16 16:11 - 000000000 ____D C:\Users\Libor\AppData\Local\D3DSCache
2022-03-14 17:05 - 2022-03-14 18:41 - 000000000 ____D C:\Windows\system32\AMD
2022-03-14 17:05 - 2022-03-14 18:41 - 000000000 ____D C:\Users\Libor\AppData\Local\AMD
2022-03-14 17:05 - 2022-03-14 18:41 - 000000000 ____D C:\Program Files\AMD
2022-03-14 17:05 - 2022-03-14 17:05 - 000000000 ____D C:\Windows\system32\MRT
2022-03-14 17:05 - 2022-03-14 17:05 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-14 17:02 - 2022-03-14 17:02 - 000338040 _____ () C:\Windows\system32\AsusDownLoadLicense.exe


Re: Please check my log - strange right mouse button behaviour

Post by karbi02 » 19 Mar 2022 18:23

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-19 18:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-19 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-03-19 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-19 16:56 - 2019-12-07 15:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2022-03-19 16:56 - 2019-12-07 15:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2022-03-19 16:56 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-03-19 08:21 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-03-18 13:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-03-18 13:58 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-03-16 22:55 - 2019-12-06 16:49 - 000040960 _____ () C:\Users\Libor\Desktop\memtest.exe
2022-03-16 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-03-16 16:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-03-16 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\MUI
2022-03-16 15:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\MUI
2022-03-16 15:46 - 2019-12-07 10:10 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2022-03-16 15:46 - 2019-12-07 10:10 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2022-03-16 15:46 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2022-03-16 15:46 - 2019-12-07 10:10 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000494592 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2022-03-16 15:46 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2022-03-16 15:46 - 2019-12-07 10:09 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2022-03-16 15:46 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-03-16 15:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-03-16 15:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2022-03-16 15:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\registration
2022-03-15 17:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
2022-03-14 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\spool
2022-03-14 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-03-14 23:52 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2022-03-14 23:51 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-03-14 23:51 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-03-14 17:16 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2022-03-14 17:16 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-03-14 17:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-03-14 17:16 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2022-03-14 17:07 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-03-14 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-03-14 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-03-14 17:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - strange right mouse button behaviour

Post by jaro3 » 19 Mar 2022 18:54

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
FF Extension: (No Name) - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\finb1osl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
R3 WinRing0_1_2_0; C:\Users\Libor\AppData\Local\Temp\Rar$EXa7504.40469\OpenHardwareMonitor\OpenHardwareMonitorLib.sys [14544 2022-03-19] (Noriyuki MIYAZAKI -> OpenLibSys.org) <==== ATTENTION

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Date: 2022-03-16 15:28:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/Donut.CIK!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.10614\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.11267\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.12510\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.15160\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.16032\Install.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\ESET NOD32 Antivirus Premium.exe; file:_C:\Users\Libor\AppData\Local\Temp\Rar$EXb4604.17455\Install.exe
Původ detekce: Místní počítač


Try to find those infected files, if they are there.
In Folder Options, enable showing hidden files and folders and untick the "Hide protected operating system files" checkbox.

Test them on Virustotal: https://www.virustotal.com/#/home/upload

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus has finished its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to this page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support
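The "find the flagged files, if they are still there" step from the reply above, as an added example that is not part of the original thread: it splits the Defender event's path field into individual files, marks the ones sitting in a `Rar$EX…` temp folder, and computes the SHA-256 of any that still exist so the hash can be searched on VirusTotal. The function names are hypothetical and the sample field is constructed with placeholder paths.

```python
import hashlib
import os
import re

# Constructed sample in the shape of the event's "Cesta:" (Path) field above;
# the user name, folder numbers and the second file name are placeholders.
SAMPLE_PATH_FIELD = (
    r"file:_C:\Users\Example\AppData\Local\Temp\Rar$EXb0000.00001\Install.exe; "
    r"file:_C:\Users\Example\AppData\Local\Temp\Rar$EXb0000.00002\Sample; Setup.exe; "
    r"file:_C:\Users\Example\Downloads\Install.exe"
)

# Temp\Rar$EX<letter><id>.<n>\ folders, as in the paths quoted on this page.
RAR_TEMP = re.compile(r"\\Temp\\Rar\$EX[a-z]?\d+\.\d+\\", re.IGNORECASE)


def split_detection_paths(field):
    """Return the file paths from a Defender 'Path' field (file:_ resources only)."""
    # Split only where a new "file:_" entry starts, so a ';' inside a name survives.
    parts = re.split(r";\s*(?=file:_)", field.strip())
    return [p[len("file:_"):].strip() for p in parts if p.startswith("file:_")]


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks instead of loading it into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def triage(field, exists=os.path.isfile):
    """One record per flagged path: in a Rar$EX temp folder? still on disk? SHA-256?"""
    records = []
    for path in split_detection_paths(field):
        present = exists(path)
        records.append({
            "path": path,
            "rar_temp": bool(RAR_TEMP.search(path)),
            "present": present,
            "sha256": sha256_of(path) if present else None,
        })
    return records


if __name__ == "__main__":
    for rec in triage(SAMPLE_PATH_FIELD):
        state = rec["sha256"] or "not found on disk"
        print(f"{rec['path']}\n  rar_temp={rec['rar_temp']}  {state}")
```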

