VIRY.CZ

Zdravím,

byl bych moc vděčný za kontrolu a návrh řešení oprav.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.02.2024 02
Ran by unigl (22-02-2024 12:42:15)
Running from C:\Users\unigl\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) (2023-09-01 10:54:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4206321900-3256822646-2102545685-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4206321900-3256822646-2102545685-503 - Limited - Disabled)
Guest (S-1-5-21-4206321900-3256822646-2102545685-501 - Limited - Enabled)
unigl (S-1-5-21-4206321900-3256822646-2102545685-1001 - Administrator - Enabled) => C:\Users\unigl
WDAGUtilityAccount (S-1-5-21-4206321900-3256822646-2102545685-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\uTorrent) (Version: 3.6.0.47006 - BitTorrent Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.008.20533 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Call of Duty Modern Warfare 2 Campaign Remastered v. 1.1.1.1279145 (HKLM-x32\...\Call of Duty Modern Warfare 2 Campaign Remastered_is1) (Version: - )
DraftSight 2023 SP3 x64 (HKLM\...\{C71B9368-123F-44BB-82F6-5C53C6B75066}) (Version: 23.3.0025 - Dassault Systemes)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.133.0.5646 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{808115f5-372e-4994-b758-514aa090a54d}) (Version: 13.133.0.5646 - Electronic Arts)
EA SPORTS FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.85.48150 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.187 - Google LLC)
Chrome Remote Desktop Host (HKLM-x32\...\{3AD6E7D6-4AED-4BE4-BD97-0D2D815EF181}) (Version: 122.0.6261.0 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.375 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{148D6ED8-24B8-443D-9C5B-5D6BF506671B}) (Version: 10.1.17903.8106 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{4625C928-49BB-44DC-92E3-B9EC0972C72D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{C6577DC3-0C37-48BF-817B-54941E2A9D5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0854C811-6DAD-441D-AB36-2F73631A04A1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1914.12.0.1255 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{7715518B-08D0-4754-BB81-FE4FC61DFDF7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{4C230277-5515-4B51-B9E6-97880684B10C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) OEM Extension (HKLM\...\{FEB772C1-919E-4145-9691-AFFAC915496F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6617 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel(R) Corporation)
Microsoft .NET Host - 6.0.21 (x64) (HKLM\...\{26FF35F7-ADBB-4C9F-97DA-79120DB80EC6}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x64) (HKLM\...\{D937EF87-F11D-4778-973C-B71E178F95D0}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x64) (HKLM\...\{8D2EC92E-5903-4B25-9406-182B8EFA834F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{2FAF2A80-5906-467E-8AD2-B83C94383600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F85F7FF0-5DFF-4BC0-9045-C9573D1BC11F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM\...\{AF6BF7DD-2B12-40C5-919C-2EC99054BBE1}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x64) (HKLM-x32\...\{0f39db03-9030-48f3-82ef-5384bed81d85}) (Version: 6.0.21.32717 - Microsoft Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10531 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8694.1 - Realtek Semiconductor Corp.)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Way of the Hunter (HKLM-x32\...\1350104287_is1) (Version: 1.25b - GOG.com)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\6fb9b06d4f88696fefb20724a4424de3) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\51e33e4ab6fb98be1d8352b477e9e465) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\7c321199c15af17d480c7d88a460203b) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\cb87c2b9b84116177b1430c670f3f8de) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\24d1b98abdad683ba6db3b9a88d914ba) (Version: 1.0 - Google\Chrome)
Vzdálená plocha Chrome (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\c32e19182aaaf4dbd4413d41ae0ae674) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\7a7affc14752174e389cd28bcc96bd5f) (Version: 1.0 - Google\Chrome)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-02-15] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-02-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-02-11] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation) [Startup Task]
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-10-12] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-13] (NVIDIA Corp.)
Příslušenství pro Xbox -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2402.2402.12001.0_x64__8wekyb3d8bbwe [2024-02-16] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\unigl\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cmkncekebbebpfilplodngbpllndjkfo\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-10-04 10:56 - 2019-10-04 10:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-02-21 22:22 - 2024-02-21 22:22 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\Control Panel\Desktop\\Wallpaper -> c:\users\unigl\appdata\local\microsoft\windows\themes\beach tim\desktopbackground\01 gettyimages-1170458461_resized.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: DDVCollectorSvcApi => 2
MSCONFIG\Services: DDVDataCollector => 2
MSCONFIG\Services: DDVRulesProcessor => 2
MSCONFIG\Services: DellClientManagementService => 2
MSCONFIG\Services: DellTechHub => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: MicrosoftEdgeElevationService => 3
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CA8893526DA595542D4789D1145D5425"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{01BC3B94-41AE-4896-B12C-DBEC41DE1EBE}C:\program files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{49ADC446-B825-4770-B38C-671B74FF6A82}C:\program files\ea games\ea sports fc 24\fc24.exe] => (Allow) C:\program files\ea games\ea sports fc 24\fc24.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{6CA7479A-4206-497E-8DA4-E6A4BD9D4B5D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{02DEE30B-47EE-4CD3-AFF4-8AF7E3110043}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D3A65F8B-44F7-4196-A9C2-123CB44BAA73}D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe] => (Allow) D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{8A1BF716-2616-4A14-9EC4-ECA9CFC4FE8A}D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe] => (Allow) D:\games\download\call of duty 2 cz\setup\data\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{1838CC55-32C8-480C-A069-3E48AED5F2B6}C:\users\unigl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\unigl\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{103A716F-38B7-4242-8AF2-D829B53DC333}C:\users\unigl\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\unigl\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [TCP Query User{8D12593C-9641-4F4A-8516-3C5811F9A6F1}D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Allow) D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe (Activision Publishing Inc -> Activision) [File not signed]
FirewallRules: [UDP Query User{9682F152-F117-4C10-BAF7-7CF6CB6F82A7}D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe] => (Allow) D:\games\call of duty modern warfare 2 campaign remastered\mw2cr.exe (Activision Publishing Inc -> Activision) [File not signed]
FirewallRules: [{5A3C99FB-8480-4BF6-85E6-8E6572E01EF5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\122.0.6261.0\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{93FDFAC1-CDA4-475A-976D-722F1AE31C79}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{426AD73F-97DA-466B-81CC-E42B251DE8DA}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{06EF3345-B8E9-495E-BD02-A9A291D4FCE3}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{008BDD13-9A6C-4689-BFF6-7E35B0685972}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{617B14C6-5B12-436A-9B89-83FA201D567D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File
FirewallRules: [{CFFD5907-A41E-40F1-98B0-79503A550C9D}] => (Allow) C:\Program Files\EA Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{F0B91869-1E9B-4DB2-A80D-DCC65F116E5A}] => (Allow) C:\Program Files\EA Games\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8DB30B22-6F9D-4C7B-A3BC-B9F92FAFB752}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E21181F6-F204-4257-8CAB-B47BA34D0F93}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AECB1237-427D-4164-8B27-03DE8DA6EA82}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{32ED9914-7741-4B49-A761-EBB8490FB0AA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2AEB749D-B60F-4780-B0FC-316A31CB0BAE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D79CDD41-4C5D-4F70-85DE-B99CEE69DDB2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{28B76544-DA88-49E1-8FDB-3448C150DA45}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{637E6E07-77C5-494A-8CFB-D7D7EED9DEF7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{44A30D32-14F4-423F-9BF4-2B8357B5E80B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{966BA8BD-2AE0-49BC-AF1E-385098A9A4F9}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7279517B-9637-44F0-BDF5-A5DA5B8417D7}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8C1006DA-5619-4C58-A952-20ADC88B6D99}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================

19-02-2024 13:26:15 EA app
21-02-2024 15:13:32 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
21-02-2024 15:13:42 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
22-02-2024 10:03:10 Removed Microsoft GameInput

==================== Faulty Device Manager Devices ============

Name: Technologie Intel(R) Smart Sound OED
Description: Technologie Intel(R) Smart Sound OED
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcOED
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2024 10:27:32 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (02/22/2024 10:27:32 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (02/22/2024 10:26:17 AM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00007ffc2f1a76ae
ID chybujícího procesu: 0x0x2d20
Čas spuštění chybující aplikace: 0x0x1da656ee743b69c
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: b160361f-85db-4dfe-bd9a-7c9626a859e9
Úplný název chybujícího balíčku: Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: Microsoft.Xbox.App

Error: (02/21/2024 10:31:44 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x26f8
Čas spuštění chybující aplikace: 0x0x1da650d5ccae55f
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 5697eee5-1b5d-4238-bdae-99fbd7897242
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 10:31:41 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x234c
Čas spuštění chybující aplikace: 0x0x1da650d5a871dfd
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: c8ca0cfe-3fd0-47ea-9298-4de481623ec8
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 10:31:34 PM) (Source: Application Error) (EventID: 1000) (User: GOGO_PC)
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.22621.3085, časové razítko: 0x6075c8a3
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.22621.2506, časové razítko: 0x097c794c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007f61e
ID chybujícího procesu: 0x0x16cc
Čas spuštění chybující aplikace: 0x0x1da650d540b1cbd
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 8a94403d-7eab-4ce7-a250-2e37dfef48db
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.22621.3085_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2024 02:55:08 PM) (Source: Application) (EventID: 1) (User: )
Description: Event-ID 1

Error: (02/21/2024 10:59:22 AM) (Source: Application) (EventID: 1) (User: )
Description: Event-ID 1


System errors:
=============
Error: (02/22/2024 12:04:26 PM) (Source: DCOM) (EventID: 10010) (User: GOGO_PC)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2024 10:35:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba igfxCUIService2.0.0.0 závisí na službě SENS, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (02/22/2024 10:35:37 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:35:36 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:35:34 AM) (Source: i8042prt) (EventID: 23) (User: )
Description: Nelze nastavit rozlišení myši.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2024 10:34:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-02-22 03:19:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B158DCB9-A851-4323-B487-61335F30D62C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-21 22:30:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C7F67E52-6BDF-470F-9FD3-7455A4C7A1C8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-21 12:20:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {11FCB6A8-557C-43E9-8A81-26B9910A9E3B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-19 22:34:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {637BCA5D-493A-4F37-B657-382ED19F8DBB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-19 14:59:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {33A6AC08-8E62-479A-935F-C1ABF98561F4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-02-22 01:13:26
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 51
Aktuální prahová hodnota: 3735609

Date: 2024-02-22 01:04:13
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 50
Aktuální prahová hodnota: 3735609

Date: 2024-02-22 00:53:43
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 49
Aktuální prahová hodnota: 3735609

Date: 2023-11-29 10:48:00
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 57
Aktuální prahová hodnota: 3735609

Date: 2023-11-29 10:38:40
Description:
Antivirová ochrana v programu Microsoft Defender Sledování prostředků: Využití procesoru překročilo svůj limit.
Počet přístupů: 56
Aktuální prahová hodnota: 3735609

CodeIntegrity:
===============
Date: 2023-12-04 16:29:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-28 23:09:53
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Dell Inc. 1.16.0 12/14/2021
Motherboard: Dell Inc. 0VFVNR
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8036.81 MB
Available physical RAM: 4245.98 MB
Total Virtual: 16740.81 MB
Available Virtual: 10963.17 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:220.34 GB) (Free:95.28 GB) (Model: BC501 NVMe SK hynix 256GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:424.74 GB) (Model: ST1000LM035-1RK172) NTFS

\\?\Volume{e1c04f3b-c99c-411c-a771-f9951377bf69}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.06 GB) NTFS
\\?\Volume{cae6b7bf-16d7-4af6-a402-49172a61d04b}\ (Image) (Fixed) (Total:15.16 GB) (Free:0.15 GB) NTFS
\\?\Volume{ec4c7600-3f57-4b6e-8f79-9b8773823385}\ (DELLSUPPORT) (Fixed) (Total:1.23 GB) (Free:0.4 GB) NTFS
\\?\Volume{99876d80-3da3-48aa-9859-d8c6f22ce6d7}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.55 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 284F5D41)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 284F5844)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Chybí log FRST. Najdete ho na ploše v souboru frst.txt. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
Ran by unigl (administrator) on GOGO_PC (Dell Inc. G3 3590) (22-02-2024 12:41:11)
Running from C:\Users\unigl\Desktop\FRST64.exe
Loaded Profiles: unigl
Platform: Microsoft Windows 11 Home Version 23H2 22631.3155 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\GameInputSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2401.1001.10.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_6.124.1221.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.140.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3073_none_e9771ec042bad855\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [873976 2019-05-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\121.0.6167.187\Installer\chrmstp.exe [2024-02-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {1FA7DD15-9360-48E6-B508-BAE31EABFA0E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {687CB701-A669-4CF8-B70E-80059B603892} - System32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-12] (Google LLC -> Google LLC)
Task: {D48CF43E-0C21-48A8-B053-A6822F8C6AB5} - System32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-10-12] (Google LLC -> Google LLC)
Task: {60F4808A-B05C-41DF-A608-9653F850B229} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7684857-0539-4910-9574-1E7E8EE5C3FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7180413-5674-4717-961F-C67F2601760C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0813B751-3A92-4ADF-856B-7AC59E6EEF9E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE4E6670-4117-4B79-A127-67C4FC676EAE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {7F77C5FC-9809-44DC-B1A7-71E84501BDFE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C6D182A-656B-49C8-BCC2-1FC2EBCC5C6A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2649DECD-8B36-4240-9CF8-9ABAE04548E3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {05ADFD6F-60A7-4A37-8F60-ED2E2C4A61CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FB98E2B-31C5-49F1-9485-5B71E21857A3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B6C834C-C817-4BBE-8F08-D63B814969F4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF80E7CC-786E-4671-8ABF-D45F5C27227A} - System32\Tasks\Opera scheduled Autoupdate 1706874079 => C:\Users\unigl\AppData\Local\Programs\Opera\launcher.exe [2350496 2024-01-31] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{769a924c-b032-4a2c-a940-8b6e91c50654}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{769a924c-b032-4a2c-a940-8b6e91c50654}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8ca6bab5-7671-435b-bda0-da848df7c0ce}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-03]
Edge Extension: (Edge relevant text changes) - C:\Users\unigl\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-10]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default [2024-02-22]
CHR HomePage: Default -> hxxp://www.ask.com/?l=dis&o=41648005cr&gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2024-02-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-09-01]
CHR Extension: (Rozšíření pro webové stránky - WP Screenshot) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnppmochppgeilojkicdoghhgfnaaig [2023-09-01]
CHR Extension: (Úžasný snímek obrazovky a záznam obrazovky) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2024-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-01]
CHR Extension: (Snímání obrazovky - Nástroj pro snímání obrazovky) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmnphobdokkajkpbkajlaiooipfcpgio [2024-02-02]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-22]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-08]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-22]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\unigl\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-18]
CHR Profile: C:\Users\unigl\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-22]
CHR HKU\S-1-5-21-4206321900-3256822646-2102545685-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\122.0.6261.0\remoting_host.exe [73504 2024-01-23] (Google LLC -> Google LLC)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation)
S3 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [132384 2023-05-11] (DASSAULT SYSTEMES SE -> Dassault Systèmes)
S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [53217096 2024-02-14] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12094568 2024-02-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1926840 2022-07-15] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_bf6d2a134ab6747a\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [188728 2022-01-23] (Qualcomm Atheros, Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\System32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Amfilter; C:\WINDOWS\System32\drivers\Amfltx64.sys [12288 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
R3 Amps2prt; C:\WINDOWS\System32\drivers\Amps2x64.sys [21504 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
S3 Amusbprt; C:\WINDOWS\System32\drivers\Amusbx64.sys [17920 2023-05-23] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
S3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [43496 2023-04-09] (IndiLogic LLC -> Dell Inc.)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [36728 2019-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46640 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MpKsleaeb8ecc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E03CE832-C6AC-4A33-98EA-458156B6801A}\MpKslDrv.sys [272664 2024-02-22] (Microsoft Windows -> Microsoft Corporation)
S1 ndextlag; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [59696 2023-03-16] (WHIMSTERS FINANCIAL SOLUTIONS LTD -> Skowsand Tecnologia LTDA)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [278208 2023-02-21] (Valve Corp. -> Valve Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WOVAD; C:\WINDOWS\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 DellWAL; \??\C:\Program Files\Dell\DellDataVault\DDDriver64Dcsa.sys [X]
S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-22 12:41 - 2024-02-22 12:41 - 000021847 _____ C:\Users\unigl\Desktop\FRST.txt
2024-02-22 12:39 - 2024-02-22 12:39 - 000020438 _____ C:\Users\unigl\Downloads\[SkT]Prince_of_Persia_The_Lost_Crown_2024__Deluxe_Edition_Nintendo_Switch_Emulator_.torrent
2024-02-22 10:42 - 2024-02-22 10:42 - 000728678 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-22 10:42 - 2024-02-22 10:42 - 000151894 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-22 10:35 - 2024-02-22 10:35 - 000000008 _____ C:\ProgramData\ntuser.pol
2024-02-22 10:20 - 2024-02-22 12:41 - 000000000 ____D C:\FRST
2024-02-22 10:19 - 2024-02-22 10:19 - 002386944 _____ (Farbar) C:\Users\unigl\Desktop\FRST64.exe
2024-02-22 02:25 - 2024-02-22 02:25 - 000000000 ____D C:\WINDOWS\pss
2024-02-22 02:18 - 2024-02-22 02:18 - 000000000 ____D C:\Users\unigl\AppData\Local\ElevatedDiagnostics
2024-02-21 15:18 - 2024-02-21 20:59 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\FC 24
2024-02-20 04:17 - 2024-02-20 04:17 - 000000000 ____D C:\Users\unigl\AppData\Local\WayOfTheHunter
2024-02-20 00:30 - 2024-02-20 00:30 - 000000860 _____ C:\Users\Public\Desktop\Way of the Hunter.lnk
2024-02-20 00:30 - 2024-02-20 00:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Way of the Hunter [GOG.com]
2024-02-20 00:29 - 2024-02-20 00:29 - 000000000 ____D C:\ProgramData\GOG.com
2024-02-19 15:22 - 2024-02-19 15:22 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\Messenger
2024-02-19 15:22 - 2024-02-19 15:22 - 000000000 ____D C:\Users\unigl\AppData\Local\Messenger
2024-02-19 14:38 - 2024-02-21 15:19 - 000000000 ____D C:\Program Files\EA
2024-02-19 14:38 - 2024-02-19 14:38 - 000001200 _____ C:\Users\Public\Desktop\EA SPORTS FC 24.lnk
2024-02-19 14:38 - 2024-02-19 14:38 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2024-02-19 14:38 - 2024-02-19 14:38 - 000000000 ____D C:\ProgramData\eaanticheat
2024-02-19 13:26 - 2024-02-21 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2024-02-19 13:26 - 2024-02-21 22:22 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-19 13:26 - 2024-02-19 13:26 - 000000000 ____D C:\Users\unigl\AppData\Local\Electronic Arts
2024-02-19 13:26 - 2024-02-19 13:26 - 000000000 ____D C:\Users\unigl\AppData\Local\EADesktop
2024-02-17 14:23 - 2024-02-17 14:23 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\CPY_SAVES
2024-02-16 13:38 - 2024-02-16 13:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-16 13:01 - 2024-02-16 13:01 - 000000651 _____ C:\Users\Public\Desktop\Steam.lnk
2024-02-16 13:01 - 2024-02-16 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2024-02-16 10:35 - 2024-02-19 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta
2024-02-16 10:34 - 2024-02-16 10:34 - 000000000 ____D C:\Users\unigl\AppData\Local\messenger-updater
2024-02-14 10:14 - 2024-02-14 10:15 - 000000000 ___HD C:\$WinREAgent
2024-02-13 15:22 - 2024-02-08 09:25 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 002095464 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001655656 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-13 15:22 - 2024-02-08 09:25 - 001278824 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-13 15:22 - 2024-02-08 09:25 - 001278824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001487904 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001434368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001434368 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-13 15:22 - 2024-02-08 09:24 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001542176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001199224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 001040920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 000670240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-13 15:22 - 2024-02-08 09:20 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 002173984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 001625096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-13 15:22 - 2024-02-08 09:19 - 000842376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-13 15:22 - 2024-02-08 09:19 - 000786960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-13 15:21 - 2024-02-08 09:18 - 000459272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-13 15:21 - 2024-02-08 09:17 - 016033312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 012928648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 006780424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 005909112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 005773448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 003721232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-13 15:21 - 2024-02-08 09:17 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-13 15:21 - 2024-02-08 09:15 - 006030992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-13 15:21 - 2024-02-07 23:49 - 000120261 _____ C:\WINDOWS\system32\nvinfo.pb
2024-02-13 12:21 - 2024-02-13 12:21 - 000002677 _____ C:\Users\unigl\Desktop\Vzdálená plocha Chrome.lnk
2024-02-13 02:18 - 2024-02-20 04:11 - 000000000 ____D C:\Users\unigl\AppData\Local\ChemTable Software
2024-02-11 14:22 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp6261.tmp
2024-02-11 13:59 - 2024-02-11 14:22 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Ubisoft
2024-02-11 13:59 - 2024-02-11 14:22 - 000000000 ____D C:\Users\unigl\AppData\Local\SKIDROW
2024-02-11 13:38 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp2144.tmp
2024-02-11 13:38 - 2024-02-11 13:29 - 000809496 ____R (Creative Labs Inc.) C:\WINDOWS\SysWOW64\tmp2134.tmp
2024-02-10 23:14 - 2024-02-22 00:13 - 000000000 ____D C:\Users\unigl\Desktop\ISLC v1.0.3.0
2024-02-02 19:25 - 2024-02-02 19:25 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\uTorrent.WebView2
2024-02-02 19:24 - 2024-02-02 19:24 - 000000937 _____ C:\Users\unigl\Desktop\µTorrent.lnk
2024-02-02 14:30 - 2024-02-12 22:48 - 000000000 ___HD C:\Users\unigl\.opera
2024-02-02 14:10 - 2024-02-20 12:33 - 000000000 ____D C:\Users\unigl\.fontconfig
2024-02-02 14:10 - 2024-02-02 14:10 - 000000000 ____D C:\Users\unigl\AppData\Local\converter
2024-02-02 14:09 - 2024-02-02 14:09 - 000012553 _____ C:\ProgramData\sguasgrp.vby
2024-02-02 14:09 - 2024-02-02 14:09 - 000000016 _____ C:\ProgramData\mntemp
2024-02-02 14:09 - 2024-02-02 14:09 - 000000000 ____D C:\Users\unigl\AppData\Local\Movavi
2024-02-02 14:09 - 2024-02-02 14:09 - 000000000 ____D C:\ProgramData\movavi
2024-02-02 14:04 - 2024-02-02 14:04 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\Users\unigl\AppData\Local\Wondershare
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\ProgramData\Wondershare
2024-02-02 14:03 - 2024-02-02 14:07 - 000000000 ____D C:\Program Files\Wondershare
2024-02-02 14:03 - 2024-02-02 14:04 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Wondershare
2024-02-02 12:41 - 2024-02-13 02:27 - 000003632 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1706874079
2024-02-02 12:41 - 2024-02-02 12:41 - 000000000 ____D C:\Users\unigl\AppData\Local\Opera Software
2024-02-02 12:40 - 2024-02-02 12:40 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Opera Software
2024-02-01 23:38 - 2024-02-21 22:32 - 000001911 _____ C:\Users\unigl\Desktop\EA.lnk
2024-02-01 23:33 - 2024-02-01 23:33 - 000001563 _____ C:\Users\unigl\Desktop\Zástupce Plocha (OneDrive - Osobní).lnk
2024-02-01 08:25 - 2024-02-20 12:33 - 000000000 ____D C:\EADesktopDev
2024-02-01 02:50 - 2024-01-18 12:32 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-01-29 02:19 - 2024-01-29 02:19 - 000000000 ____D C:\Users\unigl\AppData\Roaming\NVIDIA
2024-01-29 00:04 - 2024-02-21 22:19 - 000000000 ____D C:\Users\unigl\AppData\Local\NVIDIA Corporation
2024-01-29 00:04 - 2024-02-20 12:30 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-29 00:04 - 2024-02-20 12:30 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-01-24 16:41 - 2024-01-24 16:41 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-01-24 16:40 - 2024-01-24 16:40 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-02-22 12:04 - 2023-10-12 08:30 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-22 12:04 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-22 12:04 - 2023-09-01 12:06 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Soubory aplikace Outlook
2024-02-22 12:03 - 2023-09-01 12:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-22 10:42 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\INF
2024-02-22 10:42 - 2023-09-01 11:55 - 001718876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-22 10:35 - 2023-12-10 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-22 10:35 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-22 10:35 - 2023-09-01 11:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-22 10:35 - 2023-09-01 11:48 - 000000000 ____D C:\ProgramData\Goodix
2024-02-22 10:35 - 2023-09-01 11:47 - 000012288 ___SH C:\DumpStack.log.tmp
2024-02-22 10:34 - 2023-09-01 12:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-22 10:34 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-02-22 10:29 - 2023-09-01 11:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-22 10:26 - 2023-09-25 07:58 - 000000000 ____D C:\Users\unigl\AppData\LocalLow\Temp
2024-02-22 10:26 - 2023-09-01 14:50 - 000000000 ____D C:\Users\unigl\AppData\Local\CrashDumps
2024-02-22 02:04 - 2023-10-12 08:31 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-22 02:04 - 2023-10-12 08:31 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-02-21 22:43 - 2023-09-01 12:31 - 000000000 ____D C:\WINDOWS\Panther
2024-02-21 22:23 - 2023-09-01 12:22 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-21 22:19 - 2019-10-04 10:41 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-21 22:18 - 2023-12-10 11:31 - 000000000 ____D C:\Users\unigl\AppData\Local\NVIDIA
2024-02-21 22:18 - 2023-12-10 11:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-21 22:18 - 2019-10-04 10:42 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-21 18:43 - 2023-09-01 12:00 - 000000000 ____D C:\Users\unigl
2024-02-21 18:15 - 2023-10-27 05:13 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-21 18:15 - 2023-08-30 20:09 - 007814706 ____N C:\WINDOWS\Minidump\022124-10140-01.dmp
2024-02-21 17:23 - 2023-09-13 15:14 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Excel
2024-02-21 15:10 - 2023-09-01 12:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-21 15:10 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-21 15:10 - 2023-09-01 12:04 - 000000000 ____D C:\Users\unigl\AppData\Local\Packages
2024-02-21 14:53 - 2023-09-27 09:56 - 000000000 ____D C:\Users\unigl\AppData\Roaming\uTorrent
2024-02-21 00:56 - 2023-09-01 15:39 - 000000000 ____D C:\ProgramData\Packer
2024-02-20 12:22 - 2019-10-04 11:07 - 000000000 ____D C:\ProgramData\Packages
2024-02-20 12:12 - 2023-12-10 11:41 - 000000000 ____D C:\Users\unigl\AppData\Local\D3DSCache
2024-02-20 08:44 - 2023-09-04 11:36 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Word
2024-02-19 15:27 - 2023-09-04 09:57 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-19 14:43 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-02-19 13:28 - 2023-09-01 12:37 - 000000000 ____D C:\Program Files\EA Games
2024-02-19 13:26 - 2023-09-01 12:37 - 000000000 ____D C:\Program Files\Electronic Arts
2024-02-19 13:26 - 2019-10-04 10:34 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-17 14:16 - 2023-09-01 12:05 - 000000000 ____D C:\Users\unigl\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 11:41 - 2023-09-13 20:00 - 002713080 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000689656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000202344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000144888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-02-17 11:41 - 2023-09-13 20:00 - 000095848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-02-17 11:41 - 2023-09-13 20:00 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-02-16 13:37 - 2019-10-04 10:56 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-16 13:07 - 2023-09-17 07:47 - 000000000 ____D C:\Users\unigl\AppData\Local\Steam
2024-02-16 02:06 - 2023-11-30 17:34 - 000000000 ____D C:\Users\unigl\AppData\Local\ExitLag
2024-02-15 12:36 - 2023-09-04 09:57 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-15 12:36 - 2023-09-04 09:57 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-15 11:52 - 2023-09-01 12:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 11:14 - 2023-09-01 12:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-02-14 10:55 - 2023-09-26 22:02 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-02-14 10:55 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 10:23 - 2023-09-01 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 10:21 - 2023-09-01 12:34 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 10:17 - 2023-09-01 11:49 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-13 12:21 - 2023-09-01 12:58 - 000000000 ____D C:\Users\unigl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2024-02-11 18:38 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\registration
2024-02-08 09:15 - 2024-01-22 04:55 - 006943344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-02-06 14:13 - 2023-09-01 11:47 - 000333136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-06 14:12 - 2023-09-01 17:33 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-02-02 16:28 - 2023-09-01 12:06 - 000000000 ___RD C:\Users\unigl\OneDrive
2024-02-01 22:23 - 2023-09-01 11:55 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{19C3585E-E7D3-455E-852F-E553EF928B93}
2024-02-01 22:23 - 2023-09-01 11:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{0C9914C2-5F8B-4AC7-9971-8D2D4818A0AB}
2024-02-01 00:58 - 2023-10-12 08:30 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
2024-02-01 00:58 - 2023-10-12 08:30 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
2024-01-29 00:07 - 2023-09-04 09:57 - 000000000 ____D C:\Users\unigl\.ms-ad
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\UUS
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-01-24 16:45 - 2023-09-01 12:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-01-23 15:12 - 2023-09-01 12:06 - 000000000 ____D C:\Users\unigl\OneDrive\Dokumenty\Scanned Documents

==================== Files in the root of some directories ========

2023-10-12 21:34 - 2023-11-28 15:57 - 000007627 _____ () C:\Users\unigl\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)
C:\WINDOWS\SysWOW64\tmp6261.tmp
C:\WINDOWS\SysWOW64\tmp2144.tmp
C:\WINDOWS\SysWOW64\tmp2134.tmp
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.02.2024
Ran by unigl (24-02-2024 13:19:46) Run:1
Running from C:\Users\unigl\Desktop
Loaded Profiles: unigl
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {1465500d-a209-4108-842c-089ebad64693} - no filepath. <==== ATTENTION
Task: {2cbbfda8-4b0c-49ac-85a7-8818410a0893} - no filepath. <==== ATTENTION
Task: {2fcca34f-ecc2-44b4-ad7e-3da6176209ba} - no filepath. <==== ATTENTION
Task: {415ff2d6-e7d8-412a-a347-9f908923de20} - no filepath. <==== ATTENTION
Task: {7dd9f761-c13c-4526-8281-99a1c0e60012} - no filepath. <==== ATTENTION
Task: {F1F00F8A-E352-412A-8CA2-E90FA7BB8589} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker -> No File <==== ATTENTION
Task: {45CF73C8-9A94-47C5-8E45-347738A58FC5} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)
C:\WINDOWS\SysWOW64\tmp6261.tmp
C:\WINDOWS\SysWOW64\tmp2144.tmp
C:\WINDOWS\SysWOW64\tmp2134.tmp
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0}
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999}\localserver32 -> C:\WINDOWS\System32\RunDll32.exe "C:\Program Files\Reg Organizer\Notifications.dll",Activate -ToastActivated => No File
FirewallRules: [TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe] => (Allow) D:\games\soundwire server\soundwireserver.exe => No File
FirewallRules: [{5EBCD5BC-C762-42ED-B215-34696687DEF9}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe => No File
FirewallRules: [{EDE85C07-4932-4521-AAA9-62C520344A95}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.128\msedgewebview2.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1465500d-a209-4108-842c-089ebad64693}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2cbbfda8-4b0c-49ac-85a7-8818410a0893}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2fcca34f-ecc2-44b4-ad7e-3da6176209ba}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{415ff2d6-e7d8-412a-a347-9f908923de20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7dd9f761-c13c-4526-8281-99a1c0e60012}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1F00F8A-E352-412A-8CA2-E90FA7BB8589}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1F00F8A-E352-412A-8CA2-E90FA7BB8589}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45CF73C8-9A94-47C5-8E45-347738A58FC5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"MpKsla06c1369" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SYSTEM\ControlSet001\Services\MpKsla06c1369 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DE539A92-ED9F-46A6-A2BB-644568167F33}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service) => Error: No automatic fix found for this entry.
C:\WINDOWS\SysWOW64\tmp6261.tmp => moved successfully
C:\WINDOWS\SysWOW64\tmp2144.tmp => moved successfully
C:\WINDOWS\SysWOW64\tmp2134.tmp => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{527DC2E4-1B68-4EF5-A0E0-AF25E9D62FB8} => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5F370170-0F3C-4C5B-A2E8-95DCBC4EA4D0} => moved successfully
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
HKU\S-1-5-21-4206321900-3256822646-2102545685-1001_Classes\CLSID\{D5C4136A-93E5-4678-A6F8-0B2D9BB10999} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51CDC24E-452D-47FA-94BF-00F64A645AFB}D:\games\soundwire server\soundwireserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8C3E1D3-727D-4BD8-A0CF-02312FCA2F09}D:\games\soundwire server\soundwireserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5EBCD5BC-C762-42ED-B215-34696687DEF9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58BF604B-106D-4EFA-8AB8-26E05B1AD4C8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDE85C07-4932-4521-AAA9-62C520344A95}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10547073 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 778 B
Windows/system/drivers => 8449611 B
Edge => 0 B
Chrome => 978052341 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1166 B
unigl => 1555431916 B

RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-02-2024 13:22:05)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 13:22:05 ====

Bylo smazáno. Pokud se chyby, které jste měl (nic konkrétního jste o nuich neřekl) opravily, je to z mé strany vše.