Prosím o kontrolu Vyřešeno

[Luk4579]

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Pro), 10.0.26100.3194 (ReleaseId: 2009), Service Pack: 0
Time: 18.02.2025 - 00:25 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: lukin (group: Administrator) on LUKAS, FirstRun: yes

Chrome: 133.0.6943.98
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
7 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe
4 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
1 C:\Program Files\NVIDIA Corporation\FrameViewSDK\FvContainer\FvContainer.System.exe
1 C:\Program Files\NVIDIA Corporation\FrameViewSDK\FvContainer\FvContainer.exe
1 C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\PresentMon_x64.exe
1 C:\Program Files\NVIDIA Corporation\FrameViewSDK\bin\nvrla.exe
1 C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
5 C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe
1 C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
4 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.2.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25011.56.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25012.50.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
1 C:\Users\lukin\Downloads\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52f3d9d461d3ba3c\Display.NvContainer\NVDisplay.Container.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\ShellHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
74 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.69\BHO\ie_to_edge_bho.dll
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_C2A946453535DAC8E26670192D3842C0] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start (2024/09/23)
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe -background
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (Microsoft)
O22 - Task: GPU Tweak III - C:\Program Files (x86)\ASUS\GPUTweakIII\GPU Tweak III.exe (file missing)
O22 - Task: NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe
O22 - Task: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe --disable-gpu-sandbox /AUTOHIDE
O22 - Task: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{0BAFE448-88A8-489F-B467-C065CAFB40D6} - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --wake --system
O22 - Task: \Meta\Messenger-WSP-Helper-S-1-5-21-3977676359-3934739732-2708753334-1001 - MessengerHelper.exe --lassie (file missing)
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\CloudRestore\Restore - {b4bcfa6f-948d-46b8-bf27-e8b1117e23b3} - C:\WINDOWS\system32\CloudRestoreLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Containers\CmCleanup - {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} - C:\WINDOWS\System32\cmcleanup.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (Microsoft)
O22 - Task: \Microsoft\Windows\DiskCleanup\SilentCleanup - C:\WINDOWS\system32\cleanmgr.exe /autocleanstoragesense /d C: (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Kernel\La57Cleanup - C:\WINDOWS\system32\la57setup.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Task: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (Microsoft)
O22 - Task: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Printing\PrinterCleanupTask - {C56F065E-DE49-4E42-BE7C-305C45609D25} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Shell\ThemesSyncedImageDownload - {79F8E185-4E45-4B74-8182-02AA430661E4} - C:\Windows\System32\Themes.SsfDownload.ScheduledTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Start Oobe Expedite Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScanAfterUpdate - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScanAfterUpdate (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (Microsoft)
O22 - Task: \Microsoft\Windows\capabilityaccessmanager\maintenancetasks - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\CapabilityAccessManager.dll,CapabilityAccessManagerDoStoreMaintenance (Microsoft)
O23 - Service R2: Microsoft Defender Core Service - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52f3d9d461d3ba3c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52f3d9d461d3ba3c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA app\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_2c6939fa3ca49312\RtkAudUService64.exe
O23 - Service R2: SamsungMagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
O23 - Service R3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S2: Aktualizační služba Google (GoogleUpdaterService134.0.6985.0) - (GoogleUpdaterService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe
O23 - Service S2: CMigrationService - C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
O23 - Service S2: Interní aktualizační služba Google (GoogleUpdaterInternalService134.0.6985.0) - (GoogleUpdaterInternalService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\133.0.6943.98\elevation_service.exe


--
End of file - Time spent: 8,8 sec. - 38480 bytes, CRC32: FFFFFFFF. Sign: 啟踑

[Reklama]

[Luk4579]

-------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-18-2025
# Duration: 00:00:00
# OS: Windows 11 (Build 26100.3194)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [18/02/2025 00:30:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Luk4579]

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 18.02.2025
Scan Time: 1:37
Log File: 7dc00f98-ed90-11ef-aae9-581122c741b8.json

-Software Information-
Version: 5.2.6.163
Components Version: 1.0.5146
Update Package Version: 1.0.96042
License: Free

-System Information-
OS: Windows 11 (Build 26100.3194)
CPU: x64
File System: NTFS
User: LUKAS\lukin

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 202359
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 0 min, 14 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

[jaro3]

Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome ,Edge , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html

Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dlouho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.


Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
tutorial:
https://www.adlice.com/docs/roguekiller ... /tutorial/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Pokud nepůjde uložit log, vyfoť si nákazy z obrazovky a vlož sem.

Jsou nějaké problémy?

[Luk4579]

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by lukin (Administrator) on 18.02.2025 at 23:30:14,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.02.2025 at 23:31:25,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Luk4579]

Program : RogueKillerSVC
Version : 3.0.2.0
x64 : Yes
Program Date : Feb 14 2025
Location : C:\Program Files\RogueKiller\RogueKillerSvc.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Operating System : Windows 11 (10.0.26100) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : lukin
User is Admin : Yes
Date : 2025/02/18 22:45:40
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 8
Found items : 0
Total scanned : 940
removed_count : 0
Signatures Version : 20250110_132930
Truesight Driver : Yes
Updates Count : 0

************************* Warnings *************************

************************* Updates *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

[Luk4579]

Antimalware Service Executable, tento proces vytěžuje Cpu i po skončení scenu antivirové ochrany. Musím pc restartovat.

[jaro3]

Antimalware Service Executable

https://www.google.com/search?client=fi ... Executable
jde to zastavit? Popř. odinstalovat?
Jiné problémy nejsou?

[Luk4579]

Zastavit to nelze. Píše to přístup byl odepřen

[jaro3]

Správce úloh jako správce. Nelze? Zastavit proces?
Ani návody v tom odkazu Google?

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Luk4579]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2025
Ran by lukin (19-02-2025 23:09:32)
Running from C:\Users\lukin\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.3194 (X64) (2024-12-15 20:36:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3977676359-3934739732-2708753334-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3977676359-3934739732-2708753334-503 - Limited - Disabled)
Guest (S-1-5-21-3977676359-3934739732-2708753334-501 - Limited - Disabled)
lukin (S-1-5-21-3977676359-3934739732-2708753334-1001 - Administrator - Enabled) => C:\Users\lukin
WDAGUtilityAccount (S-1-5-21-3977676359-3934739732-2708753334-504 - Limited - Disabled)
WsiAccount (S-1-5-21-3977676359-3934739732-2708753334-1002 - Limited - Disabled) => C:\Users\WsiAccount

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adlice Protect version 16.0.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 16.0.3.0 - Adlice Software)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.05.16.221 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.27.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{1ee7f179-da35-4723-a064-99a2a93c80be}) (Version: 6.05.16.221 - Advanced Micro Devices, Inc.) Hidden
Aplikace NVIDIA 11.0.2.312 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.312 - NVIDIA Corporation)
CrystalDiskInfo 9.4.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.4.4 - Crystal Dew World)
CrystalDiskMark 8.0.5 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.5 - Crystal Dew World)
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Google Earth Pro (HKLM\...\{AE3261A9-F9D9-4410-BB38-7FA1D6B54BDE}) (Version: 7.3.6.10201 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.99 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.20 - Martin Malik, REALiX s.r.o.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 5.2.6.163 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.6.163 - Malwarebytes)
Messenger (HKU\S-1-5-21-3977676359-3934739732-2708753334-1001\...\0a93669aced325d6c1991ebd989628f4) (Version: 1.0 - Messenger)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.69 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.42 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9700.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.19.0704.2024 - Realtek)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.2.0.880 - Samsung Electronics)
Speedtest by Ookla (HKLM\...\{49DC746F-BFC1-41CC-B5B1-AE3721829A3A}) (Version: 1.13.194.001 - Ookla)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Packages:
=========
Bending Light PREMIUM -> C:\Program Files\WindowsApps\Microsoft.BendingLightPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2024-12-21] (Microsoft Corporation)
Color Explosion -> C:\Program Files\WindowsApps\Microsoft.ColorExplosion_1.0.0.0_neutral__8wekyb3d8bbwe [2024-10-10] (Microsoft Corporation)
Fish and Corals -> C:\Program Files\WindowsApps\Microsoft.FishandCorals_1.0.0.0_neutral__8wekyb3d8bbwe [2024-10-07] (Microsoft Corporation)
London Architecture by Imran Mirza -> C:\Program Files\WindowsApps\Microsoft.LondonArchitecturebyImranMirza_1.0.0.0_neutral__8wekyb3d8bbwe [2024-10-04] (Microsoft Corporation)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.0.0.0_x64__8xx8rvfyw5nnt [2024-12-09] (Meta)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-01-28] (Microsoft Corporation)
Nightfall Camo Special Edition -> C:\Program Files\WindowsApps\Microsoft.37199B0E2AC7E_1.0.0.0_neutral__8wekyb3d8bbwe [2024-10-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-01-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.339.0_x64__dt26b99r8h8gj [2024-09-24] (Realtek Semiconductor Corp)
Spiraling Fractals PREMIUM -> C:\Program Files\WindowsApps\Microsoft.SpiralingFractalsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2024-10-04] (Microsoft Corporation)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-12] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2025-02-18] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3977676359-3934739732-2708753334-1001_Classes\CLSID\{23B3E3D8-C162-4A8B-AB0C-0905DCB1DF19}\InprocServer32 -> C:\Users\lukin\AppData\Local\Packages\Microsoft.PowerAutomateDesktop_8wekyb3d8bbwe\TempState\RDP\DVCPlugin\x64\Microsoft.Flow.RPA.Desktop.UIAutomation.RDP.DVC.Plugin.dll (Microsoft Corporation -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-17] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52f3d9d461d3ba3c\nvshext.dll [2025-02-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-17] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-10-07 18:58 - 2024-08-23 20:06 - 002574336 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2024-10-07 18:58 - 2024-08-23 20:06 - 000379392 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2024-10-07 18:58 - 2024-08-23 20:06 - 006585344 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2024-10-07 18:58 - 2024-08-23 20:05 - 000143360 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2024-10-07 18:58 - 2024-08-23 20:05 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2024-10-07 18:58 - 2024-08-23 20:05 - 000646656 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2024-10-07 18:58 - 2024-08-23 20:06 - 004512256 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2024-10-07 18:58 - 2024-08-23 20:06 - 000815104 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2025-02-13 22:36 - 2025-02-13 22:36 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-11-18 20:30 - 2025-02-13 22:36 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3977676359-3934739732-2708753334-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lukin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3977676359-3934739732-2708753334-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3977676359-3934739732-2708753334-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C2A946453535DAC8E26670192D3842C0"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{6632D829-91FE-498F-AE5E-681FA728F5F4}D:\riseofthetombraider\rottr.exe] => (Block) D:\riseofthetombraider\rottr.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [TCP Query User{947C2DEE-0074-42E5-BAD2-DBA2AC2CE189}D:\riseofthetombraider\rottr.exe] => (Block) D:\riseofthetombraider\rottr.exe (Square Enix LTD -> Eidos Inc.)
FirewallRules: [UDP Query User{BB296308-368E-4170-9736-70967D79388D}C:\program files (x86)\asus\gputweakiii\gt3 mobile service.exe] => (Block) C:\program files (x86)\asus\gputweakiii\gt3 mobile service.exe => No File
FirewallRules: [TCP Query User{4D482A87-EF1D-4BA3-A3D1-C67F83233F18}C:\program files (x86)\asus\gputweakiii\gt3 mobile service.exe] => (Block) C:\program files (x86)\asus\gputweakiii\gt3 mobile service.exe => No File
FirewallRules: [{3ABB5109-AD0E-447B-BFD3-7C5919B1B656}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D699AE6-07B8-4488-87C9-4B1BE36E9ADB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73F80E3D-26A0-49EA-875D-213C0B8092CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BEFCAE88-FFF0-46DB-8D6E-4936294C180C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB1FB811-0F42-498D-8C84-5A3C7B870E98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C91036E2-D6B7-4598-A9A1-BFBD4DA67E01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B996B346-81A7-4645-BA1B-0E8CE6A64FFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89B01185-0575-4B58-A24C-E77D42C8D7D3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{189D6BCA-3705-4191-B607-22AA9EC8427A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2D42552C-0F88-4D7F-AA51-3F0B2A277B65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C45E07FF-8D96-4BD2-A41B-4700A687E86B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7CA03C37-5FC1-4A9F-B560-ED55AD8BFCE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3FCD9F35-8CA2-4DF7-A8EC-C279C9BAAF3B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A77D3C9-3CC2-466B-9E1B-C0459491F78D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-02-2025 00:28:23 Windows Update
18-02-2025 23:30:15 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/19/2025 05:31:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LUKAS$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps

[Luk4579]

Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 19 Feb 2025 04:30:54 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d7324ea0-f4dd-4cab-98eb-a409b707d8c5

Metoda: GET(265ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/19/2025 05:31:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 19 Feb 2025 04:30:53 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7bfb5d14-41a2-4013-84c9-6f6522fb80a2

Metoda: GET(281ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/19/2025 05:31:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LUKAS$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 19 Feb 2025 04:30:53 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8c7ddc32-73d2-4449-9cc7-4851179979a1

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/19/2025 02:27:06 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LUKAS$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 19 Feb 2025 01:26:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a06ec246-1fcb-4b11-8b21-3df313986999

Metoda: GET(312ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2025 11:56:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LUKAS$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 18 Feb 2025 22:56:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5dc55221-833b-4224-955f-5bccf18d3973

Metoda: GET(281ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2025 11:56:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 18 Feb 2025 22:56:02 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: adda81bb-706c-4db3-92e5-e7903638fe79

Metoda: GET(313ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2025 11:56:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LUKAS$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 18 Feb 2025 22:56:02 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f384e48a-d817-4edb-932f-2735f427d79c

Metoda: GET(313ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2025 11:27:05 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(31ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (02/19/2025 11:05:46 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/19/2025 05:35:52 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/19/2025 12:00:57 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/18/2025 11:31:58 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (02/18/2025 11:30:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/18/2025 11:30:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/18/2025 11:30:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/18/2025 11:24:17 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2025-02-18 00:04:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6D5B9719-8596-4510-8C43-41C2B0892076}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-15 02:17:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {21B3FA49-E37C-478C-8A8D-5B434527655E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-12 10:38:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C5977E8A-5F38-48AB-8F9D-5DC700A6A40C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-02-09 09:20:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1ED5F336-7454-4D72-AADE-E8E4D7AA41C6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-01-13 00:11:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F4842DC2-5A4F-4A6D-8ACA-80DA2941B162}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2025-02-07 21:12:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.1569.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2025-02-07 21:12:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.1569.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2025-02-07 21:12:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.1569.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2025-02-07 21:12:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.1569.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2025-02-07 21:12:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.1569.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2025-02-18 01:41:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2025-02-18 01:37:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 3611 09/29/2024
Motherboard: ASUSTeK COMPUTER INC. PRIME B550-PLUS
Processor: AMD Ryzen 7 5700G with Radeon Graphics
Percentage of memory in use: 17%
Total physical RAM: 32563.54 MB
Available physical RAM: 26926.82 MB
Total Virtual: 34611.54 MB
Available Virtual: 27881.82 MB

==================== Drives ================================

Drive c: (LUKÁŠ - SYSTÉM) (Fixed) (Total:232.02 GB) (Free:164.66 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS
Drive d: (LUKÁŠ -DATA) (Fixed) (Total:465.75 GB) (Free:429.7 GB) (Model: WDC WD5000AZLX-60K2TA0) NTFS

\\?\Volume{07df9653-f4de-4055-b590-9fffa046b12d}\ () (Fixed) (Total:0.75 GB) (Free:0.22 GB) NTFS
\\?\Volume{68259ca7-cfab-48d2-be6b-e62d150399dd}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================