Please check my HJT log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

c.johnson
Level 1.5
Posts: 144
Registered: November 07
Location: Los Santos
Gender: Male
Status: Offline

Re: Please check my HJT log

Post by c.johnson » 25 Jan 2024 00:26

Neither a restart nor turning off the antivirus helped. The installation always reports an error and exits.

jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my HJT log

Post by jaro3 » 25 Jan 2024 14:25

Download Security Check by screen317 from one of these links:
http://www.bleepingcomputer.com/download/securitycheck/
https://www.bleepingcomputer.com/downlo ... ritycheck/

Save it to your desktop, double-click it and follow the instructions in the black window. Notepad will then open automatically with a file named checkup.txt. Please copy its contents here.

Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit).
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be shown and saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

c.johnson
Level 1.5
Posts: 144
Registered: November 07
Location: Los Santos
Gender: Male
Status: Offline

Re: Please check my HJT log

Post by c.johnson » 26 Jan 2024 18:47

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.01.2024
Ran by spravce (26-01-2024 18:44:51)
Running from C:\Users\spravce\Desktop
Microsoft Windows 11 Home Version 22H2 22621.3007 (X64) (2023-02-25 17:19:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3232083344-1562268770-1372096952-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3232083344-1562268770-1372096952-503 - Limited - Disabled)
Guest (S-1-5-21-3232083344-1562268770-1372096952-501 - Limited - Disabled)
spravce (S-1-5-21-3232083344-1562268770-1372096952-1001 - Administrator - Enabled) => C:\Users\spravce
WDAGUtilityAccount (S-1-5-21-3232083344-1562268770-1372096952-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.9.1 - Advanced Micro Devices, Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{C04DCB6D-02A2-41AD-AA79-2644CEB26445}) (Version: 2.0.17.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{971A4F2E-F626-4AAF-947C-F38231819E7B}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{969C25C0-AD41-41BB-A46A-E0372A620507}) (Version: 1.0.27.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{E1B7CE6D-A4F9-4C9B-8FAB-9178CF47FDED}) (Version: 1.0.27.0 - Brother Industries Ltd.) Hidden
ControlCenter4 (HKLM-x32\...\{CD0E9C09-7A83-4DC4-A54E-7B8EECBF3CA0}) (Version: 4.6.22.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{1E89F75C-EF46-406C-9AAC-615B3CCC1D3D}) (Version: 4.3.2.1 - Brother Insutries Ltd.) Hidden
Crusader Kings 3 (HKLM-x32\...\Crusader Kings 3_is1) (Version: - )
Discord (HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.225 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HxD Hex Editor 2.5 (HKLM\...\HxD_is1) (Version: 2.5 - Maël Hörz)
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
KMPlayer 64X (HKLM\...\KMPlayer 64X) (Version: 2021.07.21.37 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\Teams) (Version: 1.5.00.21463 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation)
NetworkRepairTool (HKLM-x32\...\{947DE453-69FD-4CF6-A682-04D1308C79AF}) (Version: 1.2.15.0 - Brother Industries, Ltd.) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PC-FAXReceive (HKLM-x32\...\{5905E4B2-93DD-4F9D-AC84-8AE1FC7F91F7}) (Version: 1.6.17.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{3C17737F-A6C4-4528-9A60-06DD0D4B3A63}) (Version: 1.0.18.1 - Brother Industries Ltd.) Hidden
PDF24 Creator 10.0.12 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.0.12 - PDF24.org)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
RemoteSetup (HKLM-x32\...\{EB4D046E-28C1-4884-9129-47F41317E9B0}) (Version: 3.10.3.0 - Brother Industries Ltd.) Hidden
RogueKiller version 15.14.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.14.0.0 - Adlice Software)
RyzenMasterSDK (HKLM\...\{EC1E87F3-CE44-4AD0-BA13-CA7CBC065736}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
SP Football Life 2024 (HKLM-x32\...\SP Football Life 2024) (Version: - )
StatusMonitor (HKLM-x32\...\{B8C27558-33E8-46D3-B965-5937285234CD}) (Version: 1.22.25.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-05] ()
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-12-27] (Advanced Micro Devices Inc.) [Startup Task]
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.900.374.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-24] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-01-20] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23285.3607.2525.937_x64__8wekyb3d8bbwe [2023-11-28] (Microsoft) [Startup Task]
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.61781.0_x64__8wekyb3d8bbwe [2023-07-14] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.45.304.0_x64__dt26b99r8h8gj [2023-12-28] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-22] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-15] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001_Classes\CLSID\{04271989-C4D2-5587-8D45-7D2EEA9942A5} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\spravce\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\spravce\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\spravce\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\53b77523eaecddc1\Osobní - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2021-07-29 14:21 - 2018-05-02 14:25 - 000091648 _____ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2021-07-29 14:21 - 2005-04-22 12:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\spravce\Desktop\JRT.exe:MBAM.Zone.Identifier [233]
AlternateDataStreams: C:\Users\spravce\Desktop\RogueKiller_setup.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\spravce\Desktop\Zemana.AntiMalware.Setup.exe:MBAM.Zone.Identifier [145]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\sharepoint.com -> hxxps://bulligo-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\spravce\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "PDF24"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_26EA512E69002564B2EC02BC93D62E84"
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{66629CB3-3181-4AE8-A9ED-CA2EE5D545C3}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{C13180A9-3598-46BF-BCA7-F601F6950B43}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{841AF501-AA5A-47A0-B134-18B7ADED0D15}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9D52739B-D0B7-4FAB-A826-B0C06BD69030}C:\program files (x86)\microsoft\edge\application\msedge.exe] => (Block) C:\program files (x86)\microsoft\edge\application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A18F336B-729F-49CA-9A7A-3797AFDCCB55}C:\users\spravce\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\spravce\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{48BAAB22-BECB-4B10-AD3B-69344D04FBA0}C:\users\spravce\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\spravce\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC9BEF2E-7ACA-4BB5-AD02-BE21BF0DF655}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DE5F2713-F16F-45A6-B015-9E13BF664552}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DCEA0E9E-AD0A-440C-B9C2-B280F4305E57}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CC532739-B54C-4BE5-BA02-81F7DF021109}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{471A487A-AFAD-41EA-B1FD-64440F3858E0}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
FirewallRules: [UDP Query User{D95336F7-E88F-4B49-B44A-13708CC01AB5}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
FirewallRules: [{4FADB629-2898-4D03-BEA6-C1BA5AF964D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{898260E0-F9A8-42CB-A5A4-F10346BCD091}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F09980C-125E-4CD0-8D5E-9CE1A6CCFF17}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BF9B663-C9A9-434F-AA22-1DCAE81FD0DC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1D45859-CCEB-4903-BB20-61E9BF18E850}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2D3E27F1-2C9D-4229-B93C-FA63EF084FCD}C:\games\sp football life 2024\fl_2024.exe] => (Allow) C:\games\sp football life 2024\fl_2024.exe (SP) [File not signed]
FirewallRules: [UDP Query User{81CA64E4-053D-4F70-A4B1-7C3BC782F088}C:\games\sp football life 2024\fl_2024.exe] => (Allow) C:\games\sp football life 2024\fl_2024.exe (SP) [File not signed]
FirewallRules: [{C778680E-D3A9-47D9-A1C6-4F282CF60E32}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23285.3607.2525.937_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FD13785-479D-498F-9A96-D6463A0A9634}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23285.3607.2525.937_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47DB8A0F-0FEE-406F-AE8A-497D2E2E8F7A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3316.2574.4550_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{716E9DB8-EBF1-4CBC-AEB0-D0244D5D6B40}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3316.2574.4550_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C0A3B5C7-C2E3-45FD-BAB5-9ED54012975A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61570879-7DE5-4F09-A6ED-4FC0A33103E5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CFF2D435-DC88-49EA-A6DB-9E44EBD4BE4F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEEBD779-F3C2-4222-9211-B7BE7B578FB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6FD879DE-1D8A-433C-B68C-EDBFA2CCBF8A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E023DAC-44E0-4422-B210-D53D955B50EF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C3B70D3-CCE2-4370-9EC2-F424F774B3CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{24AAD935-BFA4-4DD5-8C84-2CCAD47A050F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76EF9D46-7FCA-44DC-9EE8-DCE7A7238178}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{33BD85B1-7368-4C9B-8546-0D988767E271}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B1B88ED-C258-463B-ABA7-02685354299A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7CD9BB68-A095-4AA9-B698-5AAB8AF2D80D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFA4056C-9DAE-4648-83DA-FCAB6BD47818}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2ABD16A4-73D8-4FB0-A33C-7BA488E47053}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A9DF0E6-ED77-4B28-BFC5-372E2D835546}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42821397-255B-4034-9466-1F37462509E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FFAAE12-5E1F-4925-8A9A-4D5D4F08E3B0}] => (Allow) C:\Games\SP Football Life 2024\FL 2024 start.exe () [File not signed]
FirewallRules: [{9D7345E7-0D4F-469E-B52E-C6F33753E7E9}] => (Allow) C:\Games\SP Football Life 2024\FL 2024 start.exe () [File not signed]
FirewallRules: [{DC336516-8EC6-4E2D-AEC5-985A1052B696}] => (Allow) C:\Games\SP Football Life 2024\FL 2024 start.exe () [File not signed]
FirewallRules: [{09111C9E-95C1-4E65-9B39-A8EB3A7695C4}] => (Allow) C:\Games\SP Football Life 2024\FL 2024 start.exe () [File not signed]

==================== Restore Points =========================

18-01-2024 11:58:16 Windows Update
18-01-2024 11:58:16 Windows Update
22-01-2024 11:41:44 Windows Update
22-01-2024 11:41:47 Windows Update
24-01-2024 17:13:19 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/25/2024 12:23:41 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: MBAMService.exe, verze: 3.2.0.1269, časové razítko: 0x657105c6
Název chybujícího modulu: mbae-api-na.dll_unloaded, verze: 1.13.4.568, časové razítko: 0x657cb4e0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000038b62
ID chybujícího procesu: 0x0x1650
Čas spuštění chybující aplikace: 0x0x1da4f1c4008e3a2
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Cesta k chybujícímu modulu: mbae-api-na.dll
ID zprávy: 75396758-c1b7-4c63-8107-4417ff56aad3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/24/2024 11:40:59 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: SecurityHealthService.exe, verze: 10.0.22621.2506, časové razítko: 0x87033e73
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.2506, časové razítko: 0xbced4b82
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000033aca
ID chybujícího procesu: 0x0x226c
Čas spuštění chybující aplikace: 0x0x1da4f16626ef168
Cesta k chybující aplikaci: C:\WINDOWS\system32\SecurityHealthService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 5fb426d8-a356-4fff-bdef-1f3b0d95e25a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/24/2024 11:40:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-S3P3PFR$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 24 Jan 2024 22:40:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5cddbc50-02a2-4bac-954a-e44268bca746

Metoda: GET(375ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2024 06:24:45 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-S3P3PFR$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 24 Jan 2024 17:24:46 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 806a90dd-3714-43ab-b656-b35f7badd2d8

Metoda: GET(329ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2024 11:28:02 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-S3P3PFR$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 24 Jan 2024 10:28:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f5cbc87a-d75c-4f71-94d9-b63566271962

Metoda: GET(484ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/24/2024 11:27:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/24/2024 08:24:57 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-S3P3PFR$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 24 Jan 2024 07:25:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9aca5aec-965c-4846-bce8-f16550b64dfb

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/23/2024 09:56:27 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-S3P3PFR$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 23 Jan 2024 20:56:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: dfa987e7-7bc6-4f25-9107-4c9ffee1ff6a

Metoda: GET(407ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (01/26/2024 06:37:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S3P3PFR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/25/2024 01:02:31 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S3P3PFR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/24/2024 11:42:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S3P3PFR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/24/2024 11:40:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:04:34, ‎24.‎01.‎2024) bylo neočekávané.

Error: (01/24/2024 11:40:25 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (01/24/2024 05:34:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S3P3PFR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/24/2024 05:13:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/24/2024 11:29:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S3P3PFR)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2024-01-24 08:56:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL 2024 start.exe; file:_C:\Users\spravce\Desktop\SP Football Life 2024.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2612.0, AS: 1.403.2612.0, NIS: 1.403.2612.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-23 14:51:15
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL_2024 U.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-S3P3PFR\spravce
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.403.2565.0, AS: 1.403.2565.0, NIS: 1.403.2565.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-23 14:51:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL_2024 U.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-S3P3PFR\spravce
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.403.2565.0, AS: 1.403.2565.0, NIS: 1.403.2565.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-23 14:50:54
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL_2024 U.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-S3P3PFR\spravce
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.403.2565.0, AS: 1.403.2565.0, NIS: 1.403.2565.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-23 10:25:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL 2024 start.exe; file:_C:\Users\spravce\Desktop\SP Football Life 2024.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2557.0, AS: 1.403.2557.0, NIS: 1.403.2557.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]

Date: 2023-12-27 22:25:13
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-27 21:58:23
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-12-27 21:48:10
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2023-10-17 01:09:42
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.774.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-08-12 15:39:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.257.0;1.395.257.0
Verze modulu: 1.1.23070.1005

CodeIntegrity:
===============
Date: 2024-01-25 00:24:00
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\amsdk.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x8. Status 0xC000004E.

Date: 2024-01-25 00:23:43
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: INSYDE Corp. V1.05 05/19/2021
Motherboard: LN Calla_LC
Processor: AMD Ryzen 5 5500U with Radeon Graphics
Percentage of memory in use: 31%
Total physical RAM: 15722.31 MB
Available physical RAM: 10793.67 MB
Total Virtual: 16746.31 MB
Available Virtual: 10043.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.2 GB) (Free:135.71 GB) (Model: Micron_2210_MTFDHBA512QFD) NTFS

\\?\Volume{b27d02fe-93a3-45c7-a1f1-87ebdf9f1da4}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{be616844-feec-4606-9ba1-cc5cd81fa4f3}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.54 GB) NTFS
\\?\Volume{19af7802-5b54-4ef9-8fcc-f455c9a02e92}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 14A75799)

Partition: GPT.

==================== End of Addition.txt =======================


Re: please check my HJT log

Post by c.johnson » 26 Jan 2024 18:47

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.01.2024
Ran by spravce (administrator) on DESKTOP-S3P3PFR (Acer Aspire A515-45G) (26-01-2024 18:44:11)
Running from C:\Users\spravce\Desktop\FRST64.exe
Loaded Profiles: spravce
Platform: Microsoft Windows 11 Home Version 22H2 22621.3007 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELANFPService.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aadd853bf8841644\RtkAudUService64.exe <2>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\XboxGameBarSpotify.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.123.11012.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.400.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_aadd853bf8841644\RtkAudUService64.exe [1765280 2023-12-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [C16A] => C:\WINDOWS\twain_32\Brimc16a\Common\TwDsUiLaunch.exe [85928 2020-12-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2021-12-10] (Brother Industries, Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3232083344-1562268770-1372096952-1001\...\Run: [MicrosoftEdgeAutoLaunch_26EA512E69002564B2EC02BC93D62E84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854376 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.dll [92680 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [25608 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\spravce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2022-08-15]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {855E7649-5C35-411A-B066-7C4C7C209E7B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {483B53CE-AA95-4341-A5E3-728D4CABD97D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8F6ABB1B-A2CD-431D-9972-4FA2BA031747} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6EEA26ED-7AF3-4FBF-8D19-7171193BD168} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {244BD64C-4614-44CC-B5BB-2AD282F63178} - System32\Tasks\AMDScoSupportTypeUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {6FD75373-B356-4D3D-81F0-E6EF4F33588A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {9959B5B1-BCD9-4A17-8C7B-5AA67E5A2933} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {48DEABEE-5CBF-4BD6-A1EC-7232FAF6DCC8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE3F4729-9858-4BAC-B596-127646590DE6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABBD8498-65B6-4F1D-945F-BC91D4D95E80} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA93CC29-8FD6-4EEA-BA98-89A60EB50047} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C61DC9F-5C4B-4781-8D09-27A434189868} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {58612F3C-94B8-498E-B304-AD124B859E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C762335B-31B2-432A-A1E0-233746AC7B98} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {10EE9ADA-D62A-4B57-92D8-AA3C1DAB0CE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {926C4FAA-74EA-4CBF-AE9B-648A186BEA94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {867A379A-656D-4B4D-90DB-9BC46896D144} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {864B2846-548F-49DC-82C5-D187C14E1B65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB754404-0258-4A5F-A4DF-89A0940DF158} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F130542A-8FEB-4401-9847-A5E817719689} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E661FE97-4252-4546-A7B7-37978EDACB64} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {10E636CA-C9E9-4F16-BB5F-5AD2BF252B76} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3232083344-1562268770-1372096952-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{947bb690-da69-43ae-8007-a29d2a42623d}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{947bb690-da69-43ae-8007-a29d2a42623d}: [DhcpDomain] Home
Tcpip\..\Interfaces\{947bb690-da69-43ae-8007-a29d2a42623d}\140514348423: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{947bb690-da69-43ae-8007-a29d2a42623d}\850756279616F583136373: [DhcpNameServer] 192.168.204.61
Tcpip\..\Interfaces\{c8a42e0e-56a2-4ef6-af2a-49efaf894038}: [DhcpNameServer] 192.168.21.1

Edge:
=======
Edge DefaultProfile: Profile 3
Edge Profile: C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-29]
Edge Profile: C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-12-29]
Edge Profile: C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2023-12-29]
Edge Profile: C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2024-01-26]
Edge Notifications: Profile 3 -> hxxps://fjvv2i.porexcosted.co.in; hxxps://meet.google.com
Edge Extension: (Dokumenty Google offline) - C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-23]
Edge Extension: (Edge relevant text changes) - C:\Users\spravce\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-01-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default [2024-01-25]
CHR Notifications: Default -> hxxps://web.skype.com
CHR Extension: (Dokumenty Google offline) - C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-28]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-01-24] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-19] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [564928 2021-03-25] (geek software GmbH -> geek software GmbH)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15243184 2024-01-17] (ADLICE -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2023-04-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0395510.inf_amd64_266bc083bb7590df\B395348\amdkmdag.sys [100066240 2023-09-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2024-01-25] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKsl93ee74ee; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [221480 2023-07-31] (Microsoft Windows -> Microsoft Corporation)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64sta.inf_amd64_35a79378ec3f3135\rt68cx21x64.sys [779752 2023-12-28] (Realtek Semiconductor Corp. -> Realtek)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [48800 2022-02-23] (SteelSeries ApS -> SteelSeries ApS)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-26 18:44 - 2024-01-26 18:44 - 000020550 _____ C:\Users\spravce\Desktop\FRST.txt
2024-01-26 18:44 - 2024-01-26 18:44 - 000000000 ____D C:\FRST
2024-01-26 18:43 - 2024-01-26 18:43 - 002389504 _____ (Farbar) C:\Users\spravce\Desktop\FRST64.exe
2024-01-24 23:44 - 2024-01-24 23:44 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-01-24 23:44 - 2024-01-24 23:44 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-01-24 21:03 - 2024-01-25 00:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2024-01-24 21:03 - 2024-01-25 00:23 - 000000000 ____D C:\Users\spravce\AppData\Local\AMSDK
2024-01-24 21:02 - 2024-01-24 21:02 - 013922376 _____ (Zemana Ltd. ) C:\Users\spravce\Desktop\Zemana.AntiMalware.Setup.exe
2024-01-24 17:18 - 2024-01-24 23:40 - 000054208 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2024-01-24 17:18 - 2024-01-24 23:38 - 000000000 ____D C:\ProgramData\RogueKiller
2024-01-24 17:18 - 2024-01-24 17:18 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2024-01-24 17:18 - 2024-01-24 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2024-01-24 17:18 - 2024-01-24 17:18 - 000000000 ____D C:\Program Files\RogueKiller
2024-01-24 17:11 - 2024-01-24 17:18 - 048393360 _____ (Adlice Software ) C:\Users\spravce\Desktop\RogueKiller_setup.exe
2024-01-24 17:10 - 2024-01-24 17:12 - 001790024 _____ (Malwarebytes) C:\Users\spravce\Desktop\JRT.exe
2024-01-24 11:39 - 2024-01-26 18:41 - 000000000 ____D C:\Users\spravce\AppData\Local\Adobe
2024-01-24 11:34 - 2024-01-25 00:23 - 000000000 ____D C:\Users\spravce\AppData\Local\Malwarebytes
2024-01-24 11:34 - 2024-01-24 11:34 - 000000000 ____D C:\Users\spravce\AppData\Local\mbam
2024-01-24 11:33 - 2024-01-24 11:33 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-01-24 11:33 - 2024-01-24 11:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-01-24 11:33 - 2024-01-24 11:33 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-01-24 11:33 - 2024-01-24 11:33 - 000000000 ____D C:\Program Files\Malwarebytes
2024-01-24 11:32 - 2024-01-24 11:32 - 002582384 _____ (Malwarebytes) C:\Users\spravce\Desktop\MBSetup.exe
2024-01-24 11:30 - 2024-01-24 11:30 - 000000000 ____D C:\AdwCleaner
2024-01-24 11:28 - 2024-01-24 11:29 - 008791352 _____ (Malwarebytes) C:\Users\spravce\Desktop\AdwCleaner.exe
2024-01-24 11:25 - 2024-01-24 11:25 - 000448512 _____ (OldTimer Tools) C:\Users\spravce\Desktop\TFC.exe
2024-01-24 11:23 - 2024-01-24 21:02 - 000001151 _____ C:\Users\spravce\Desktop\Nový Textový dokument.txt
2024-01-24 11:20 - 2024-01-24 11:20 - 000050688 _____ (Atribune.org) C:\Users\spravce\Desktop\ATF-Cleaner.exe
2024-01-23 14:56 - 2024-01-23 14:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\spravce\Desktop\hijackthis.exe
2024-01-13 20:04 - 2024-01-13 20:04 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-10 21:02 - 2024-01-10 21:02 - 000016720 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-01-10 20:58 - 2024-01-10 21:01 - 000000000 ___HD C:\$WinREAgent
2024-01-10 20:11 - 2024-01-26 18:35 - 000003122 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-12-29 01:03 - 2013-05-31 23:57 - 000249524 _____ C:\WINDOWS\system32\Drivers\RtPCEE4.DAT
2023-12-29 01:03 - 2010-09-23 19:21 - 000039672 _____ C:\WINDOWS\system32\Drivers\RtPCEE3.DAT
2023-12-29 01:03 - 2010-03-22 15:21 - 000247560 _____ C:\WINDOWS\system32\Drivers\RTConvEQ.dat
2023-12-29 01:03 - 2009-12-11 15:59 - 000059936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\AzMixerSel.exe
2023-12-28 22:09 - 2023-12-28 22:10 - 005187752 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2023-12-28 22:05 - 2023-12-28 22:05 - 001472168 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2023-12-28 21:57 - 2023-12-28 21:57 - 000019848 _____ C:\WINDOWS\system32\RtEventLog.dll
2023-12-28 21:44 - 2023-12-28 21:46 - 006529344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2023-12-28 17:17 - 2023-12-28 17:17 - 000352192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll
2023-12-28 17:16 - 2023-12-28 17:17 - 000438680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll
2023-12-28 17:16 - 2023-12-28 17:16 - 000052120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2023-12-28 15:40 - 2023-09-05 12:02 - 000177760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 001499376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000745712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000630000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000502000 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-12-28 15:40 - 2020-11-05 01:13 - 000348400 _____ C:\WINDOWS\system32\clinfo.exe
2023-12-28 15:40 - 2020-11-05 01:13 - 000158960 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000139504 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000099568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000084208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000055536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-12-28 15:40 - 2020-11-05 01:13 - 000052464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-12-28 15:40 - 2020-11-05 01:12 - 078312176 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-12-28 15:40 - 2020-11-05 01:12 - 064440560 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-12-28 15:40 - 2020-11-05 01:11 - 072567024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-12-28 15:40 - 2020-11-05 01:11 - 000475376 _____ C:\WINDOWS\system32\amdlogum.exe
2023-12-27 22:31 - 2023-12-27 22:31 - 000000000 ____D C:\Users\spravce\AppData\LocalLow\AMD
2023-12-27 22:31 - 2023-12-27 22:31 - 000000000 ____D C:\ProgramData\AMD
2023-12-27 22:30 - 2024-01-26 18:35 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-12-27 22:30 - 2023-12-27 22:30 - 000003518 _____ C:\WINDOWS\system32\Tasks\AMDScoSupportTypeUpdate
2023-12-27 22:30 - 2023-12-27 22:30 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-12-27 22:30 - 2023-12-27 22:30 - 000002622 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-12-27 22:30 - 2023-12-27 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-12-27 22:29 - 2023-12-27 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-12-27 22:28 - 2023-09-05 12:04 - 000832960 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-27 22:28 - 2023-09-05 12:04 - 000832960 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-12-27 22:28 - 2023-09-05 12:04 - 000721456 _____ C:\WINDOWS\system32\hiprt0200064.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000715200 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-27 22:28 - 2023-09-05 12:04 - 000715200 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-12-27 22:28 - 2023-09-05 12:04 - 000668712 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000668712 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000653256 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000653256 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000596528 _____ C:\WINDOWS\system32\GameManager64.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000539072 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000532016 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000492592 _____ C:\WINDOWS\system32\EEURestart.exe
2023-12-27 22:28 - 2023-09-05 12:04 - 000450096 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000197160 _____ C:\WINDOWS\system32\mantle64.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000176168 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000153640 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-12-27 22:28 - 2023-09-05 12:04 - 000137776 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-12-27 22:28 - 2023-08-24 16:21 - 002968184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2023-12-27 22:27 - 2023-09-05 12:03 - 002073536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 001592768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 001592768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000949696 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-12-27 22:27 - 2023-09-05 12:03 - 000525760 _____ C:\WINDOWS\system32\atieah64.exe
2023-12-27 22:27 - 2023-09-05 12:03 - 000463296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000394688 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-12-27 22:27 - 2023-09-05 12:03 - 000256448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000217024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000200432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000186304 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000174016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000163328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000137152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000132544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000128552 _____ C:\WINDOWS\system32\amdxc64.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000108584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000103976 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-12-27 22:27 - 2023-09-05 12:03 - 000064960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 011746832 _____ C:\WINDOWS\system32\amdsmi.exe
2023-12-27 22:27 - 2023-09-05 12:02 - 004375592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 004180016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 002176448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 001305136 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 001029568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 000933936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 000761280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 000558528 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 000422448 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-12-27 22:27 - 2023-09-05 12:02 - 000222192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 001701144 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 001378344 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000553400 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000166848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000165928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000156080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000156080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000145656 _____ C:\WINDOWS\system32\atidxx64.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000140360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000135616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000125840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000125736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-12-27 22:27 - 2023-09-05 12:01 - 000119064 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-12-27 22:27 - 2023-09-05 11:00 - 103971832 _____ C:\WINDOWS\system32\amdxc64.so
2023-12-27 22:27 - 2023-09-05 11:00 - 031938072 _____ C:\WINDOWS\system32\hiprt02000_amd.hipfb
2023-12-27 22:27 - 2023-09-05 11:00 - 023302232 _____ C:\WINDOWS\system32\hiprt02000_nv.fatbin
2023-12-27 22:27 - 2023-09-05 11:00 - 002433848 _____ C:\WINDOWS\system32\oro_compiled_kernels.hipfb
2023-12-27 22:27 - 2023-09-05 11:00 - 002000584 _____ C:\WINDOWS\system32\oro_compiled_kernels.fatbin
2023-12-27 22:27 - 2023-09-05 11:00 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2023-12-27 22:27 - 2023-09-05 11:00 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2023-12-27 22:27 - 2023-09-05 11:00 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2023-12-27 22:27 - 2023-09-05 11:00 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2023-12-27 22:27 - 2023-05-24 12:42 - 000061888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdxe.sys
2023-12-27 21:48 - 2023-12-27 22:25 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-12-27 21:39 - 2023-12-27 21:39 - 000000000 ____D C:\Users\spravce\AppData\Local\setup
2023-12-27 21:39 - 2023-12-27 21:39 - 000000000 ____D C:\Program Files (x86)\AMD
2023-12-27 21:29 - 2023-12-27 21:29 - 000000000 ____D C:\Users\spravce\AppData\Local\cache
2023-12-27 21:18 - 2023-12-27 21:18 - 000000000 ____D C:\ProgramData\Propagation
2023-12-27 00:08 - 2024-01-17 10:51 - 000000000 ____D C:\Users\spravce\AppData\Local\AMD_Common
2023-12-27 00:05 - 2023-12-27 22:31 - 000000000 ____D C:\AMD

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-01-26 18:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-26 18:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-26 18:41 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-26 18:41 - 2021-07-28 08:31 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-25 01:02 - 2021-07-28 09:08 - 000000000 ____D C:\Users\spravce\AppData\Roaming\Microsoft\Word
2024-01-24 23:44 - 2023-02-25 18:21 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-01-24 23:44 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-01-24 23:40 - 2023-03-03 11:49 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-01-24 23:40 - 2023-02-25 18:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-24 23:40 - 2023-02-25 18:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-24 23:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-01-24 23:40 - 2021-07-28 07:11 - 000012288 ___SH C:\DumpStack.log.tmp
2024-01-24 18:24 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-24 18:24 - 2021-07-28 07:24 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-01-24 17:43 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-24 17:04 - 2023-07-12 12:46 - 000017683 _____ C:\Users\spravce\Desktop\Ostrava - seznam domů městských částí.xlsx
2024-01-24 17:02 - 2021-08-02 13:59 - 000000000 ____D C:\Users\spravce\AppData\Roaming\Microsoft\Excel
2024-01-24 11:33 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-01-24 10:08 - 2021-07-28 07:24 - 000000000 ____D C:\Users\spravce\AppData\Local\D3DSCache
2024-01-24 08:48 - 2021-07-28 10:48 - 000000000 ____D C:\Users\spravce\AppData\Roaming\Microsoft\Teams
2024-01-24 00:37 - 2022-01-28 20:31 - 000000000 ____D C:\Users\spravce\Downloads\new moviez
2024-01-23 16:48 - 2021-07-31 22:01 - 000000000 ____D C:\Users\spravce\Documents\Vuze Downloads
2024-01-23 16:48 - 2021-07-31 22:00 - 000000000 ____D C:\Users\spravce\AppData\Roaming\Azureus
2024-01-22 11:33 - 2021-07-28 07:14 - 000000000 ____D C:\Users\spravce\AppData\Local\Packages
2024-01-19 07:53 - 2021-07-28 08:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-19 07:53 - 2021-07-28 08:28 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-18 17:16 - 2021-08-23 13:27 - 000000000 ____D C:\Users\spravce\AppData\Roaming\Microsoft\PowerPoint
2024-01-18 17:16 - 2021-08-12 14:53 - 000000000 ____D C:\Users\spravce\Documents\Bulligo
2024-01-16 10:27 - 2023-02-25 18:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-16 10:27 - 2022-10-13 08:18 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-13 20:04 - 2021-07-28 08:42 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-12 10:31 - 2021-07-28 07:30 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-11 11:14 - 2021-09-24 21:39 - 000000000 ____D C:\Users\spravce\Downloads\PS4 stuff
2024-01-11 00:02 - 2023-02-25 18:14 - 000471176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-01-11 00:01 - 2023-10-12 16:31 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-01-11 00:01 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-01-11 00:01 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-01-11 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-01-11 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-01-11 00:01 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-01-10 21:21 - 2021-07-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-01-10 21:19 - 2021-07-28 07:25 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-01-10 21:04 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-10 21:02 - 2023-02-25 18:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-01-10 20:58 - 2023-10-16 23:56 - 000000000 ____D C:\Program Files\dotnet
2024-01-10 20:58 - 2021-12-12 00:23 - 000000000 ____D C:\ProgramData\Package Cache
2024-01-09 12:35 - 2021-08-10 15:10 - 000002241 _____ C:\Users\spravce\Desktop\Discord.lnk
2024-01-06 19:21 - 2021-07-28 08:54 - 000000000 ____D C:\Users\spravce\AppData\LocalLow\Adobe
2024-01-04 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-01-01 19:32 - 2021-08-04 13:50 - 000000000 ____D C:\Games
2023-12-29 01:29 - 2021-07-31 14:36 - 000000000 ____D C:\Users\spravce\Documents\Moje e-knihy
2023-12-29 01:19 - 2023-02-25 18:19 - 000003130 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3232083344-1562268770-1372096952-1001
2023-12-29 01:19 - 2023-02-25 18:19 - 000002776 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-12-29 01:10 - 2023-03-13 21:34 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-29 01:10 - 2023-02-23 14:01 - 000000000 ___DC C:\WINDOWS\Panther
2023-12-29 01:10 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-29 01:10 - 2021-08-05 13:27 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-28 21:38 - 2021-08-10 15:10 - 000000000 ____D C:\Users\spravce\AppData\Roaming\discord
2023-12-28 21:38 - 2021-08-10 15:10 - 000000000 ____D C:\Users\spravce\AppData\Local\Discord
2023-12-28 21:31 - 2020-05-13 01:39 - 000177784 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDI2C.sys
2023-12-28 15:46 - 2021-07-28 07:24 - 000000000 ____D C:\Users\spravce\AppData\Local\AMD
2023-12-27 22:30 - 2021-07-28 07:24 - 000000000 ____D C:\Program Files\AMD
2023-12-27 22:30 - 2021-07-28 07:14 - 000000000 ____D C:\ProgramData\Packages
2023-12-27 00:07 - 2021-07-28 07:24 - 000000000 ____D C:\WINDOWS\system32\AMD

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Re: please check my HJT log

Post by c.johnson » 26 Jan 2024 18:49

Security Check by screen317 doesn't work for me after downloading it from either of the provided links :(
Attachments
Snímek obrazovky 2024-01-26 184314.jpg


Re: please check my HJT log

Post by jaro3 » 26 Jan 2024 19:46

Download it again, put it in Documents, and try running Security Check.

Date: 2024-01-23 14:51:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL_2024 U.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-S3P3PFR\spravce
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.403.2565.0, AS: 1.403.2565.0, NIS: 1.403.2565.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-23 10:25:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Malgent!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Games\SP Football Life 2024\FL 2024 start.exe; file:_C:\Users\spravce\Desktop\SP Football Life 2024.lnk
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.403.2557.0, AS: 1.403.2557.0, NIS: 1.403.2557.0
Verze modulu: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]



Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
FirewallRules: [TCP Query User{471A487A-AFAD-41EA-B1FD-64440F3858E0}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
FirewallRules: [UDP Query User{D95336F7-E88F-4B49-B44A-13708CC01AB5}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {6FD75373-B356-4D3D-81F0-E6EF4F33588A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {9959B5B1-BCD9-4A17-8C7B-5AA67E5A2933} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {58612F3C-94B8-498E-B304-AD124B859E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C762335B-31B2-432A-A1E0-233746AC7B98} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {10EE9ADA-D62A-4B57-92D8-AA3C1DAB0CE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
Virustotal: C:\Games\SP Football Life 2024\FL_2024 U.exe
Virustotal: C:\Users\spravce\Desktop\SP Football Life 2024.lnk

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" ("Opravit") button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.


Re: please check my HJT log

Post by c.johnson » 26 Jan 2024 22:01

Fix result of Farbar Recovery Scan Tool (x64) Version: 25.01.2024
Ran by spravce (26-01-2024 21:56:26) Run:1
Running from C:\Users\spravce\Desktop
Loaded Profiles: spravce
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
FirewallRules: [TCP Query User{471A487A-AFAD-41EA-B1FD-64440F3858E0}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
FirewallRules: [UDP Query User{D95336F7-E88F-4B49-B44A-13708CC01AB5}C:\games\total war - shogun 2\shogun2.exe] => (Allow) C:\games\total war - shogun 2\shogun2.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
Task: {6FD75373-B356-4D3D-81F0-E6EF4F33588A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {9959B5B1-BCD9-4A17-8C7B-5AA67E5A2933} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Task: {58612F3C-94B8-498E-B304-AD124B859E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C762335B-31B2-432A-A1E0-233746AC7B98} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {10EE9ADA-D62A-4B57-92D8-AA3C1DAB0CE9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
Virustotal: C:\Games\SP Football Life 2024\FL_2024 U.exe
Virustotal: C:\Users\spravce\Desktop\SP Football Life 2024.lnk

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{471A487A-AFAD-41EA-B1FD-64440F3858E0}C:\games\total war - shogun 2\shogun2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D95336F7-E88F-4B49-B44A-13708CC01AB5}C:\games\total war - shogun 2\shogun2.exe" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FD75373-B356-4D3D-81F0-E6EF4F33588A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FD75373-B356-4D3D-81F0-E6EF4F33588A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9959B5B1-BCD9-4A17-8C7B-5AA67E5A2933}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9959B5B1-BCD9-4A17-8C7B-5AA67E5A2933}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58612F3C-94B8-498E-B304-AD124B859E3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58612F3C-94B8-498E-B304-AD124B859E3E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C762335B-31B2-432A-A1E0-233746AC7B98}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C762335B-31B2-432A-A1E0-233746AC7B98}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10EE9ADA-D62A-4B57-92D8-AA3C1DAB0CE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10EE9ADA-D62A-4B57-92D8-AA3C1DAB0CE9}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz148 => removed successfully
cpuz148 => service removed successfully
VirusTotal: C:\Games\SP Football Life 2024\FL_2024 U.exe => 0
VirusTotal: C:\Users\spravce\Desktop\SP Football Life 2024.lnk => 0

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 2621440 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55111189 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1034228473 B
Windows/system/drivers => 2684157 B
Edge => 0 B
Chrome => 1198595959 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 376872 B
systemprofile32 => 376872 B
LocalService => 409308 B
NetworkService => 452450 B
spravce => 359922343 B

RecycleBin => 1852 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:57:53 ====
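
Reading the Fixlog above by eye means checking dozens of result lines, so a small triage script can make the outcome explicit. This is an added example, not part of the original posts or of FRST: it skips the echoed fixlist and the EmptyTemp summary, counts the three success phrases seen in this log, and keeps the VirusTotal lines separate because the thread follows them up by hand. The function names are illustrative, the one failure line is constructed, and treating any other result text as "needs review" is an assumption.

```python
import re
from collections import Counter

# Success phrases exactly as they appear in the Fixlog in this thread.
SUCCESS = ("removed successfully", "moved successfully", "service removed successfully")

def result_lines(fixlog):
    """Yield result lines only: after the echoed fixlist, before the EmptyTemp summary."""
    stars = 0
    for line in fixlog.splitlines():
        if re.fullmatch(r"\*{5,}", line.strip()):
            stars += 1
        elif re.match(r"=+ EmptyTemp", line):
            return
        elif stars >= 2 and " => " in line:
            yield line.strip()

def kind(target):
    """Rough object type inferred from the left-hand side of a result line."""
    t = target.strip('"')
    if t.upper().startswith(("HKLM\\", "HKU\\")):
        return "registry"
    return "file" if re.match(r"[A-Za-z]:\\", t) else "other"

def triage(fixlog):
    """Return (success counts by (kind, result), lines to review, VirusTotal results)."""
    ok, review, vt = Counter(), [], {}
    for line in result_lines(fixlog):
        target, result = line.rsplit(" => ", 1)
        if target.startswith("VirusTotal:"):
            vt[target.split(":", 1)[1].strip()] = result
        elif result in SUCCESS:
            ok[(kind(target), result)] += 1
        else:
            review.append(line)  # unknown result text is surfaced, not interpreted
    return ok, review, vt

# Lines copied from the Fixlog above, plus one constructed failure line (marked).
SAMPLE = r"""*****************
Task: {6FD75373-B356-4D3D-81F0-E6EF4F33588A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-28] (Google LLC -> Google LLC)
Virustotal: C:\Games\SP Football Life 2024\FL_2024 U.exe
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
cpuz148 => service removed successfully
C:\Example\constructed.dll => constructed failure text
VirusTotal: C:\Games\SP Football Life 2024\FL_2024 U.exe => 0
=========== EmptyTemp: ==========
Chrome => 1198595959 B
"""
```

Calling `triage()` on the full text of a saved Fixlog.txt returns the same three values, and a non-empty review list is the part worth posting back to the helper.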


Re: please check my HJT log

Post by c.johnson » 26 Jan 2024 22:03

Security Check won't run even from Documents. After downloading, it is always only 2 kB; is that normal?


Re: please check my HJT log

Post by jaro3 » 26 Jan 2024 23:01

VirusTotal: C:\Games\SP Football Life 2024\FL_2024 U.exe => 0
VirusTotal: C:\Users\spravce\Desktop\SP Football Life 2024.lnk => 0
Are those files no longer there?

In Folder Options, enable showing hidden files and folders and also untick the checkbox for hiding protected operating system files.

Test these at https://www.virustotal.com/#/home/uploadVirustotal
C:\Games\SP Football Life 2024\FL_2024 U.exe
C:\Users\spravce\Desktop\SP Football Life 2024.lnk
C:\USERS\SPRAVCE\DESKTOP\SP Football Life 2024.lnk
C:\GAMES\SP FOOTBALL LIFE 2024\FL 2024 START.EXE

Click Select to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file is then tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/


Re: please check my HJT log

Post by c.johnson » 27 Jan 2024 01:16

They are still there, but I said it's fine. It is an unofficial modification for a game, which I downloaded deliberately. In this version, antiviruses and similar programs identify it as malicious software. We don't need to deal with that.


Re: please check my HJT log

Post by jaro3 » 27 Jan 2024 14:49

I won't delete it, but I would still need to see all the antiviruses and their detections. Does that apply to the icon as well?

What about the problems? What about the installation? Can other programs be installed?


Re: please check my HJT log

Post by c.johnson » 27 Jan 2024 15:28

https://www.virustotal.com/gui/file/874 ... ad42f479a5
https://www.virustotal.com/gui/file/0f7 ... 73d5b96153
https://www.virustotal.com/gui/file/874 ... ad42f479a5

A lot of antiviruses will simply detect it. I'm even surprised that only 2 flagged those .exe files. There are actually more of them, see the picture below.
Maybe because I don't use the others. The desktop icon is a shortcut to FL 2024 START.EXE

In short, these are all launcher files for the modified game, optimized to work on different CPUs, because some of them had compatibility problems (https://www.pessmokepatch.com/p/compatibility.html)

When the game starts, the .exe file also launches sider in the background, through which additional content can then be tuned in the game. That is probably one of the reasons why antiviruses tend to catch it.

Otherwise there are no problems, everything installs normally, only Security Check does not. I tried again and still get the same error message.
Attachments
Snímek obrazovky 2024-01-27 145343.jpg

