
Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 18:26
by jasanek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.03.2024
Ran by Boss (administrator) on KACKA (10-03-2024 18:19:06)
Running from C:\Users\Boss\Desktop\FRST64.exe
Loaded Profiles: Boss
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe <6>
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(conhost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atieclxx.exe
(explorer.exe ->) (3369D7DB-FC10-4DBB-A701-31D053DEF758 -> The NW.js Community) C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc\VFS\AppData\TenBrowser\TenBrowser.exe <8>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Scarlet.Crush Productions) [File not signed] [File is in use] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66220968 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598928 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe [2613704 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.112\Installer\chrmstp.exe [2024-03-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2023-11-16]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4A8F6895-275D-411C-8DE7-F2E4E1F6455B} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0191411E-5E15-4461-AAA1-F78A6AA41DAC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {F47AA8C2-369F-48BF-A8B2-4805FCE6D29E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A418831-81E3-413B-B532-E16F0AEFA1B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2F8FB0D-1AEF-44E1-AC68-4115778E6A4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {864F3A59-9063-4D91-9E83-6B60F4764706} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C27CB30-0792-4BD1-85E9-424ADF68C7D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {96EAC646-4CBC-47B5-9834-43DD7B8BCC3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B90388C9-CF94-4650-892F-08CF0FF408BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5BD5AA28-D015-43EC-B115-7E89C43D922A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B6DED1D1-3AEB-4FD8-8CF7-6A577A66B9DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB5C9A94-1D11-4198-B84D-717C42035532} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D02BC8F4-4DB1-4744-BB50-8E20F43811A3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {563A8251-AD39-433F-A7C7-AC7C2AA1B402} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {20615B0A-257E-4FB6-9EF1-87BFEBACCBFE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1100223-0CF2-4641-A2AB-7B402662D20F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {914A219D-7963-4543-9885-1F16CF4AF0BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4EC054BD-ADF2-4CA5-A888-591C366F8B6F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {02776A18-1449-41A4-85BD-EA589F8FC419} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2c1f5d8d-c472-4be5-bf65-1aa1ea30054c}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-09]
Edge Extension: (Edge relevant text changes) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]

FireFox:
========
FF DefaultProfile: 5og8wrwc.default
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\5og8wrwc.default [2023-09-10]
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\wl6337xl.default-release [2024-02-06]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default [2024-03-10]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.filehorse.com; hxxps://www.youtube.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-23]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-01-27]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-16]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-13]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-10]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncHelper.exe [3516848 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\OneDriveUpdaterService.exe [3853744 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 updater; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\amdkmdag.sys [100296072 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2023-11-16] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2023-05-23] (ASUSTeK Computer Inc. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-10 18:19 - 2024-03-10 18:20 - 000021465 _____ C:\Users\Boss\Desktop\FRST.txt
2024-03-10 18:17 - 2024-03-10 18:19 - 000000000 ____D C:\FRST
2024-03-10 18:15 - 2024-03-10 18:15 - 002390016 _____ (Farbar) C:\Users\Boss\Desktop\FRST64.exe
2024-03-10 17:40 - 2024-03-10 17:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-24 22:04 - 2024-02-24 23:37 - 000000000 ____D C:\Users\Boss\Desktop\Chlapec
2024-02-24 16:43 - 2024-02-24 16:53 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\PowerPoint
2024-02-16 21:11 - 2024-02-16 21:11 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 21:10 - 2024-02-16 21:10 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-16 21:01 - 2024-02-16 21:01 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-10 18:16 - 2023-05-23 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-10 18:16 - 2022-09-08 04:11 - 000000000 ____D C:\Windows\SystemTemp
2024-03-10 18:12 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-10 18:08 - 2023-12-28 19:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-10 17:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-10 17:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-10 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-10 17:45 - 2023-05-23 13:02 - 000000000 ____D C:\Users\Boss\AppData\Local\D3DSCache
2024-03-10 17:43 - 2023-10-30 20:23 - 000002398 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-03-10 17:43 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Teams
2024-03-10 17:43 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Local\SquirrelTemp
2024-03-10 17:40 - 2023-12-17 18:06 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-10 17:34 - 2021-05-22 23:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-10 17:31 - 2023-05-23 12:53 - 000000000 ____D C:\Users\Boss\AppData\Local\AMD_Common
2024-03-10 17:28 - 2023-12-18 20:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-10 17:28 - 2023-12-17 17:55 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-10 17:28 - 2023-12-17 17:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-10 17:28 - 2023-05-23 12:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001
2024-03-10 17:28 - 2021-05-22 23:09 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-10 17:28 - 2021-05-22 23:09 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-10 17:27 - 2023-05-23 13:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-10 17:27 - 2023-05-23 13:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-10 17:25 - 2023-06-05 09:11 - 000003096 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-03-10 17:25 - 2023-06-05 09:11 - 000003088 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-02-29 20:52 - 2023-05-23 13:07 - 000000000 ____D C:\Users\Boss\AppData\Local\ClassicShell
2024-02-29 18:09 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Word
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Excel
2024-02-27 16:50 - 2023-09-16 18:09 - 000000000 ____D C:\Users\Boss\AppData\Local\CrashDumps
2024-02-25 22:39 - 2023-05-23 12:49 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-02-25 22:39 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2024-02-25 22:39 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2024-02-25 22:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-02-25 14:12 - 2024-01-13 17:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-25 14:12 - 2023-09-09 13:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-25 14:12 - 2021-05-22 23:09 - 000454096 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-25 14:12 - 2021-05-22 23:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-25 14:12 - 2021-05-22 23:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-02-25 00:31 - 2023-05-23 12:57 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-02-25 00:31 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2024-02-25 00:30 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-24 15:20 - 2023-09-10 12:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-16 21:16 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-02-16 21:10 - 2021-05-22 23:13 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 21:00 - 2023-05-23 13:01 - 000000000 ____D C:\Windows\system32\MRT
2024-02-16 20:58 - 2023-05-23 13:00 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-16 20:23 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-11 16:16 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss\AppData\Local\Packages

==================== Files in the root of some directories ========

2023-11-15 16:58 - 2023-11-15 16:58 - 010571443 _____ () C:\Program Files (x86)\SCP-DS-Driver-Package-1.2.0.160.7z
2023-06-02 10:04 - 2023-06-02 10:04 - 000000001 _____ () C:\Users\Boss\AppData\Local\llftool.4.40.agreement

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 18:27
by jasanek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.03.2024
Ran by Boss (10-03-2024 18:20:59)
Running from C:\Users\Boss\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) (2021-05-22 22:11:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4194677476-3627657768-3988829947-500 - Administrator - Disabled)
Boss (S-1-5-21-4194677476-3627657768-3988829947-1001 - Administrator - Enabled) => C:\Users\Boss
DefaultAccount (S-1-5-21-4194677476-3627657768-3988829947-503 - Limited - Disabled)
Guest (S-1-5-21-4194677476-3627657768-3988829947-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4194677476-3627657768-3988829947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Bandizip (HKLM\...\Bandizip) (Version: 7.30 - Bandisoft.com)
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Geeks3D FurMark 1.34.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.34.0.0 - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.112 - Google LLC)
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft - ElAmigos verze 1.17.1 (HKLM-x32\...\{64E20254-DB52-4EC0-97E4-93B7C7B2DEDA}_is1) (Version: 1.17.1 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0.1 (x64 cs)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.6.1 (x64 cs)) (Version: 115.6.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Restaurace Medvěda Míši (HKLM-x32\...\Restaurace Medvěda Míši) (Version: - )
Roblox Player for Boss (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\roblox-player) (Version: - Roblox Corporation)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp)
The Sims 4 Dream Home Decorator (HKLM-x32\...\The Sims 4 Dream Home Decorator_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\14040518e68da604e0144e2394ec3629) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\5604d365b698317cfe78bd7252ba23a9) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\0f4b2c1235e193c7b4070d2c1e994383) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\734fd7ca719aac2d9dc9726cb395a5f1) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\4d170e5c6f7baaf9d052d1ec2a07f6ab) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\a6cf77c1e8f5d0232d8f60134c0adbdb) (Version: 1.0 - Google\Chrome)

Packages:
=========

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-17] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe [2024-03-10] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-06-01] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TenBrowser -> C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc [2023-11-09] (TenBrowser) [Startup Task]
Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2023.516.1956.874_neutral__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Boss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24022.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft International Inc.)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvgbdig.inf_amd64_82eb686a406694a3\nvshext.dll [2023-05-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Boss\Desktop\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
Shortcut: C:\Users\Boss\Desktop\Hry\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
ShortcutWithArgument: C:\Users\Boss\Desktop\Satoru (Satoru Gojo) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxim) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2014-05-02 11:52 - 2014-05-02 11:52 - 000599040 _____ () [File not signed] [File is in use] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2014-05-02 06:55 - 2014-05-02 06:55 - 000185344 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 06:05 - 2014-05-02 06:05 - 000173056 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2015-08-28 20:16 - 2015-08-28 20:16 - 003496448 _____ (akeo.ie) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\libwdi\amd64\libwdi.dll
2024-02-27 16:10 - 2024-02-27 16:10 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Libarius\d1f80afa7d5d94c93b9d7116f180ed4b\Libarius.ni.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2003-03-18 21:23 - 2003-03-18 21:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:40 - 2006-10-26 12:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2024-02-27 16:09 - 2024-02-27 16:09 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\38f78ad8f1b3ce12b81fe03103ae7d69\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Bandizip\
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Boss\Desktop\Jujutsu kaisen\f75750c4cff421ad52938bd684aaa060.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [TCP Query User{97E70A10-E636-4EEA-B63D-743FC36EF6C3}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{9C64D3D0-5331-4A55-ADC3-D76A0E3F8CAD}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{DA1CCEC8-71BB-43C7-B906-38302F9D8CD8}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{BE9715FE-DDE2-49C4-8CC5-8FADB9065532}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{40FDD4C0-39DA-4D8B-AD76-6B3B7B673D9C}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{6DB4C53E-09E6-45C4-8ACA-A00BAD58AA25}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [TCP Query User{ED55C08E-BAF8-4C9A-AC82-D2E02037A619}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B22CF530-752D-44B0-9C93-4ABFA2A89F23}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{C5266588-0301-4A43-B32C-741A95B353BA}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{5923D673-8782-4D2D-954E-59CB1827B276}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{48065DF4-DED4-45DF-BD70-B10979DCC075}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{0D2580F1-3460-4326-9E60-10F84F31B3CC}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{0E1E5068-EA78-4262-9A9D-C810FFE39FDC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F101244-CAE5-4A14-86B2-2DA4203DCFF3}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DA7D1C4-D2A6-4C2C-9EC0-4648F781E5EC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6533A1E3-8392-4B34-9AE9-3676A99E3422}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8EDD8B67-799F-4AC5-9A8D-9C0ADDF17C0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B56E729-8644-4D60-A2A3-AA3EF1A31BB8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{75ED434E-A429-444A-B699-A41242B0D5D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8D48C654-5712-4421-8AE4-C5EF95AB264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{217DF551-01F1-47B1-91B3-E837134228DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{65E5CB20-4084-4375-A2A6-A677903929DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
FirewallRules: [{6BF6D402-E33C-44A3-A37F-6330F6BF1533}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C1B382A-FD16-4580-AEE6-63128C040C81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F839EB32-1A45-44F6-94A9-444D5A6BBE2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FAD2A8FA-80E9-4AF4-A55B-4E2C35B0B54A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7426F4BE-7CC6-4E92-9FA3-1814E4304337}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A43448EC-2647-4646-8202-275852D2AE51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F33B70FF-EC9A-4365-932F-DC25470DDA01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{82490FE6-C72D-44E6-BBF9-4011CABF2027}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0434B749-A487-446E-B6E7-692035DFA8FC}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{23A93CA6-723C-47B7-8EB8-BDC623B02694}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{643D7DC9-BEA6-4FF8-9811-619D5B7F438C}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{CF087331-87A5-42A9-9EBD-8564B314139B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1307.2669.7070_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B013272-AC72-4E6F-8748-370CD266FA48}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1307.2669.7070_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D2112656-86DF-462B-A0B6-EA43305B0697}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0BB5EF5-8A1C-4ED3-BDB8-CF83A481FB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29885E6F-91D4-4197-94FE-EC0992CCE2B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20F19FF1-C9F2-44AE-8B17-8FFDCC0EC663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C1485C6-CCA5-4758-9B4D-979276BFD97D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6403BB23-B2CA-45CA-A206-C85EAEBA2F59}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24004.1309.2689.2246_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BDF135AC-A728-4D5F-90EC-CB1AA104CB8B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{198020FD-2AE3-4723-80D7-6309443C9B8E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

10-03-2024 18:07:53 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2024 05:52:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/10/2024 05:52:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HRY (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/10/2024 05:27:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (02/29/2024 06:24:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/29/2024 06:24:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HRY (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/29/2024 06:11:05 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (02/27/2024 04:50:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Teams.exe, verze: 1.7.0.3653, časové razítko: 0x63f7d881
Název chybujícího modulu: Teams.exe, verze: 1.7.0.3653, časové razítko: 0x63f7d881
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000003359742
ID chybujícího procesu: 0x2a04
Čas spuštění chybující aplikace: 0x01da69930eb3f0bd
Cesta k chybující aplikaci: C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta k chybujícímu modulu: C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe
ID zprávy: 29966bfa-24aa-4de4-8fc9-ce6aca319506
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/24/2024 03:13:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/10/2024 05:26:22 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (03/10/2024 05:24:39 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-12-42-2E-3B-87. Síťové operace v systému mohou
být přerušeny.

Error: (02/29/2024 07:07:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/29/2024 07:07:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (02/27/2024 05:58:32 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 0.0.0.0 se systémem,
jehož síťová hardwarová adresa je 00-12-42-2E-3B-87. Síťové operace v systému mohou
být přerušeny.

Error: (02/24/2024 03:07:11 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/16/2024 08:24:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (02/11/2024 02:59:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.


Windows Defender:
================
Date: 2024-03-10 17:55:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D731898D-72A3-419A-89D2-156BD5B26543}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-27 16:09:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0884A038-9968-4C5B-BAA9-051E154F08BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-11 15:07:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CBFC6906-C46B-4DB4-A77F-86D26BC6D95F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-08 15:16:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E566F3F-0468-47AE-BBA2-1E5237BB82B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-07 18:44:49
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {32750352-7DB1-40FD-AC7B-D7F6B8AA0423}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-02 11:06:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2023-11-19 17:37:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-01 14:38:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-10-30 18:40:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0502 03/04/2017
Motherboard: ASUSTeK Computer INC. M5A78L-M LE/USB3
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 44%
Total physical RAM: 8174.11 MB
Available physical RAM: 4561.25 MB
Total Virtual: 14062.11 MB
Available Virtual: 5728.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.9 GB) (Free:9.25 GB) (Model: Apacer AS350 256GB ATA Device) NTFS
Drive d: (HRY) (Fixed) (Total:886.45 GB) (Free:685.34 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS
Drive e: (DATA) (Fixed) (Total:976.56 GB) (Free:976.43 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS

\\?\Volume{38d0b591-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{38d0b591-0000-0000-0000-107d3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 38D0B591)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E0FA70F)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 18:43
by jasanek
Hello,

please advise: my mouse moves on its own, it opens folders and the browser, and goes into Chrome settings or searches for some links. See the attachment.

Thank you for your reply.

Re: Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 20:21
by Rudy
Greetings!
Run this utility.
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

You can also run it in safe mode if it does not work otherwise.

Re: Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 20:37
by jasanek
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-10-2024
# Duration: 00:00:10
# OS: Windows 10 (Build 19045.4046)
# Scanned: 32104
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1431 octets] - [10/03/2024 20:33:51]
AdwCleaner[C00].txt - [1601 octets] - [10/03/2024 20:34:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: Mouse moving on its own and browser opening on its own

Posted: 10 Mar 2024 21:06
by Rudy
This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Mouse moving on its own and browser opening on its own

Posted: 12 Mar 2024 21:35
by jasanek
Fix result of Farbar Recovery Scan Tool (x64) Version: 11.03.2024
Ran by Boss (11-03-2024 18:08:09) Run:1
Running from C:\Users\Boss\Desktop
Loaded Profiles: Boss
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File
FirewallRules: [{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File
FirewallRules: [{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\99.0.4788.24\opera.exe => No File
FirewallRules: [{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.34\opera.exe => No File
FirewallRules: [{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}] => (Allow) C:\Users\Boss\AppData\Local\Programs\Opera\105.0.4970.48\opera.exe => No File
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [AMDNoiseSuppression] => "C:\Windows\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\MountPoints2: {560a23a1-0ce9-11ee-8d96-107b447c800e} - "F:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7} - System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {57D7A0C9-C9C3-415B-94BD-20C722858903} - System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-23] (Google LLC -> Google LLC)
Task: {58A22B38-D1DD-451C-932F-4539AF07AC81} - System32\Tasks\Opera scheduled Autoupdate 1685954649 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {217A2C3A-2339-4A5C-84E7-76358C50F2FE} - System32\Tasks\Opera scheduled Autoupdate 1701959593 => C:\Users\Boss\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed] [File is in use] <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDCF403C-C615-4CD3-9E89-E12E62E24B2D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7DE588F6-1A59-46DC-87C9-D96A0053EC1A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D5127A7B-3872-4C1B-844B-B7DCDB29CBE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6E2CECF-9D7D-4916-84E8-B1E83B5596A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52A0B7EE-7704-4FDC-BF91-C92ADC45AC55}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AMDNoiseSuppression" => removed successfully
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{560a23a1-0ce9-11ee-8d96-107b447c800e} => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8D4AE93-6C2B-4AEC-8A70-CA52B75704E7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{90BD869D-AEFD-4B37-97E2-E09EF29912CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57D7A0C9-C9C3-415B-94BD-20C722858903}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57D7A0C9-C9C3-415B-94BD-20C722858903}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{C8824E64-E38E-482D-98E3-556E7BDC451D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58A22B38-D1DD-451C-932F-4539AF07AC81}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A22B38-D1DD-451C-932F-4539AF07AC81}" => removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1685954649 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1685954649" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{217A2C3A-2339-4A5C-84E7-76358C50F2FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217A2C3A-2339-4A5C-84E7-76358C50F2FE}" => removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1701959593 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1701959593" => removed successfully
HKLM\System\CurrentControlSet\Services\Ds3Service => removed successfully
Ds3Service => service removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 102566817 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 60339949 B
Windows/system/drivers => 10953406 B
Edge => 0 B
Chrome => 1132534025 B
Firefox => 491473291 B
Opera => 6740854 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 229875 B
systemprofile32 => 230434 B
LocalService => 356164 B
NetworkService => 458028 B
Boss => 17850376 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:09:42 ====

Re: Mouse moving on its own and browser opening on its own

Posted: 12 Mar 2024 21:53
by Rudy
Deleted. Has anything changed?

Re: Mouse moving on its own and browser opening on its own

Posted: 12 Mar 2024 22:06
by jasanek
Hello, the same problem occurred once more: while I was writing a presentation for school, a picture in it was deleted on its own and an internet link was inserted in its place.

Re: Mouse moving on its own and browser opening on its own

Posted: 13 Mar 2024 09:16
by Rudy
I don't know what you mean by that. Once? When? Now? What I want to know is whether the mouse moving on its own and the browser opening have gone away. That is what we are dealing with here.

Re: Mouse moving on its own and browser opening on its own

Posted: 13 Mar 2024 16:37
by jasanek
Yes, the mouse moving on its own, the browser opening and searching on Google appeared for the first time after applying the fix, and again a moment ago.

Re: Mouse moving on its own and browser opening on its own

Posted: 13 Mar 2024 16:55
by Rudy
OK. Post new FRST+Addition logs.

Re: Mouse moving on its own and browser opening on its own

Posted: 13 Mar 2024 17:44
by jasanek
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.03.2024
Ran by Boss (13-03-2024 17:36:43)
Running from C:\Users\Boss\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) (2021-05-22 22:11:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4194677476-3627657768-3988829947-500 - Administrator - Disabled)
Boss (S-1-5-21-4194677476-3627657768-3988829947-1001 - Administrator - Enabled) => C:\Users\Boss
DefaultAccount (S-1-5-21-4194677476-3627657768-3988829947-503 - Limited - Disabled)
Guest (S-1-5-21-4194677476-3627657768-3988829947-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4194677476-3627657768-3988829947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Bandizip (HKLM\...\Bandizip) (Version: 7.30 - Bandisoft.com)
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Geeks3D FurMark 1.34.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.34.0.0 - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.128 - Google LLC)
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.23.35502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft - ElAmigos verze 1.17.1 (HKLM-x32\...\{64E20254-DB52-4EC0-97E4-93B7C7B2DEDA}_is1) (Version: 1.17.1 - Mojang)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0.1 (x64 cs)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.6.1 (x64 cs)) (Version: 115.6.1 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Restaurace Medvěda Míši (HKLM-x32\...\Restaurace Medvěda Míši) (Version: - )
Roblox Player for Boss (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\roblox-player) (Version: - Roblox Corporation)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: 2.53.0 - TechPowerUp)
The Sims 4 Dream Home Decorator (HKLM-x32\...\The Sims 4 Dream Home Decorator_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.52 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Chrome apps:
============
Disk Google (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\14040518e68da604e0144e2394ec3629) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\5604d365b698317cfe78bd7252ba23a9) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\0f4b2c1235e193c7b4070d2c1e994383) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\734fd7ca719aac2d9dc9726cb395a5f1) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\4d170e5c6f7baaf9d052d1ec2a07f6ab) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\a6cf77c1e8f5d0232d8f60134c0adbdb) (Version: 1.0 - Google\Chrome)

Packages:
=========

Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-07-17] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe [2024-03-12] (Microsoft) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-06-01] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-06] (Microsoft Studios) [MS Ad]
TenBrowser -> C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc [2023-11-09] (TenBrowser) [Startup Task]
Windows Package Manager Source (platform) -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2023.516.1956.874_neutral__8wekyb3d8bbwe [2023-10-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Boss\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24022.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft International Inc.)
CustomCLSID: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Boss\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvgbdig.inf_amd64_82eb686a406694a3\nvshext.dll [2023-05-25] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers2_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers4_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5_S-1-5-21-4194677476-3627657768-3988829947-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2023-01-19] (Bandisoft -> Bandisoft International Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Boss\Desktop\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
Shortcut: C:\Users\Boss\Desktop\Hry\Minecraft.lnk -> C:\Users\Boss\AppData\Roaming\.minecraft\start.bat ()
ShortcutWithArgument: C:\Users\Boss\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\Satoru (Satoru Gojo) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Boss\Desktop\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Boss\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Max (Maxim) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2024-02-27 16:10 - 2024-02-27 16:10 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Libarius\d1f80afa7d5d94c93b9d7116f180ed4b\Libarius.ni.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2003-03-18 21:23 - 2003-03-18 21:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 12:40 - 2006-10-26 12:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2023-12-17 18:08 - 2023-12-17 18:08 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-12-17 18:08 - 2023-12-17 18:08 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2024-02-27 16:09 - 2024-02-27 16:09 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\38f78ad8f1b3ce12b81fe03103ae7d69\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\sharepoint.com -> hxxps://zsdolnihbity-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Bandizip\
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Boss\Desktop\Jujutsu kaisen\f75750c4cff421ad52938bd684aaa060.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{97E70A10-E636-4EEA-B63D-743FC36EF6C3}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{9C64D3D0-5331-4A55-ADC3-D76A0E3F8CAD}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [TCP Query User{DA1CCEC8-71BB-43C7-B906-38302F9D8CD8}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{BE9715FE-DDE2-49C4-8CC5-8FADB9065532}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{40FDD4C0-39DA-4D8B-AD76-6B3B7B673D9C}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{6DB4C53E-09E6-45C4-8ACA-A00BAD58AA25}D:\games\far cry - primal\bin\fcprimal.exe] => (Allow) D:\games\far cry - primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{ED55C08E-BAF8-4C9A-AC82-D2E02037A619}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B22CF530-752D-44B0-9C93-4ABFA2A89F23}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{C5266588-0301-4A43-B32C-741A95B353BA}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{5923D673-8782-4D2D-954E-59CB1827B276}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{48065DF4-DED4-45DF-BD70-B10979DCC075}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{0D2580F1-3460-4326-9E60-10F84F31B3CC}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-alpha\windows\java-runtime-alpha\bin\javaw.exe
FirewallRules: [{0E1E5068-EA78-4262-9A9D-C810FFE39FDC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F101244-CAE5-4A14-86B2-2DA4203DCFF3}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DA7D1C4-D2A6-4C2C-9EC0-4648F781E5EC}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6533A1E3-8392-4B34-9AE9-3676A99E3422}] => (Allow) C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8EDD8B67-799F-4AC5-9A8D-9C0ADDF17C0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B56E729-8644-4D60-A2A3-AA3EF1A31BB8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{75ED434E-A429-444A-B699-A41242B0D5D3}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8D48C654-5712-4421-8AE4-C5EF95AB264C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{217DF551-01F1-47B1-91B3-E837134228DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{65E5CB20-4084-4375-A2A6-A677903929DB}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{6BF6D402-E33C-44A3-A37F-6330F6BF1533}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C1B382A-FD16-4580-AEE6-63128C040C81}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F839EB32-1A45-44F6-94A9-444D5A6BBE2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FAD2A8FA-80E9-4AF4-A55B-4E2C35B0B54A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7426F4BE-7CC6-4E92-9FA3-1814E4304337}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A43448EC-2647-4646-8202-275852D2AE51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{F33B70FF-EC9A-4365-932F-DC25470DDA01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II Definitive Edition\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{82490FE6-C72D-44E6-BBF9-4011CABF2027}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{0434B749-A487-446E-B6E7-692035DFA8FC}C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{23A93CA6-723C-47B7-8EB8-BDC623B02694}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{643D7DC9-BEA6-4FF8-9811-619D5B7F438C}C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\boss\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{D2112656-86DF-462B-A0B6-EA43305B0697}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0BB5EF5-8A1C-4ED3-BDB8-CF83A481FB26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29885E6F-91D4-4197-94FE-EC0992CCE2B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20F19FF1-C9F2-44AE-8B17-8FFDCC0EC663}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{198020FD-2AE3-4723-80D7-6309443C9B8E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{21AE39FC-4E66-4BAB-AA1E-6410A6364B8C}C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe
FirewallRules: [UDP Query User{3E45AA19-187B-4399-A380-F9A16C0E1B6C}C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe] => (Allow) C:\users\boss\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.9-windows-x64\bin\java.exe
FirewallRules: [{A8C6F5B2-1BBB-4882-AFF1-96382EAE96F1}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{CAF2281A-C86E-4E64-A88A-2FB8DB7CA80F}] => (Allow) C:\Program Files (x86)\360\Total Security\360TsLiveUpd.exe => No File
FirewallRules: [{61A91740-8229-436B-A045-7F809FA94A6E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CF7FC2B-CF0C-4E72-AAB3-C0809CD025D1}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24033.811.2738.2546_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C0560BB6-8E26-428A-8EB9-8C91F5E8C2B6}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{B3B492CE-C8C5-4EDB-842C-CDC10D59ED62}D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe] => (Allow) D:\games\the sims 4 dream home decorator\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{10EFBDF5-1F75-46EC-85E9-A85C476F5030}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/13/2024 05:34:00 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/13/2024 05:12:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KACKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/13/2024 04:21:23 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (03/13/2024 04:19:10 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/12/2024 08:14:49 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (03/12/2024 08:14:49 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/12/2024 05:42:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (03/12/2024 05:42:00 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: KACKA)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (03/13/2024 05:21:48 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error: (03/13/2024 05:12:51 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:56:42 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:52:00 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/13/2024 04:47:48 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2024 08:16:14 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2024 08:14:34 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Description s touto chybou:
Přístup byl odepřen.

Error: (03/12/2024 08:12:27 PM) (Source: DCOM) (EventID: 10010) (User: KACKA)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2024-03-10 18:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BA477C24-883D-408B-8CF0-AD84E917119E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-03-10 17:55:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D731898D-72A3-419A-89D2-156BD5B26543}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-27 16:09:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0884A038-9968-4C5B-BAA9-051E154F08BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-11 15:07:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CBFC6906-C46B-4DB4-A77F-86D26BC6D95F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-02-08 15:16:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1E566F3F-0468-47AE-BBA2-1E5237BB82B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-02 11:06:27
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2024-03-13 17:34:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\360\Total Security\safemon\WscReg.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\360Base.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2024-03-13 16:46:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\safemon\chromesafe64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 0502 03/04/2017
Motherboard: ASUSTeK Computer INC. M5A78L-M LE/USB3
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 48%
Total physical RAM: 8174.11 MB
Available physical RAM: 4209.17 MB
Total Virtual: 14062.11 MB
Available Virtual: 5986.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.9 GB) (Free:9.97 GB) (Model: Apacer AS350 256GB ATA Device) NTFS
Drive d: (HRY) (Fixed) (Total:886.45 GB) (Free:685.34 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS
Drive e: (DATA) (Fixed) (Total:976.56 GB) (Free:976.43 GB) (Model: WDC WD20EZRZ-00Z5HB0 ATA Device) NTFS

\\?\Volume{38d0b591-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{38d0b591-0000-0000-0000-107d3b000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 38D0B591)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=531 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 6E0FA70F)
Partition 1: (Not Active) - (Size=886.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Mouse moving on its own and browser opening on its own

Posted: 13 Mar 2024 17:45
by jasanek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.03.2024
Ran by Boss (administrator) on KACKA (13-03-2024 17:34:24)
Running from C:\Users\Boss\Desktop\FRST64.exe
Loaded Profiles: Boss
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atieclxx.exe
(explorer.exe ->) (3369D7DB-FC10-4DBB-A701-31D053DEF758 -> The NW.js Community) C:\Program Files\WindowsApps\63685TenBrowser.TenBrowser_1.7.78.0_neutral__q4wt7ke8hpbsc\VFS\AppData\TenBrowser\TenBrowser.exe <8>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\atiesrxx.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\RunOnce: [360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e] => C:\Users\Boss\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat [642 2024-03-13] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [MicrosoftEdgeAutoLaunch_B14DBBE1EF03929244E921C90BE13BF3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060608 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe [2613704 2024-03-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4194677476-3627657768-3988829947-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.128\Installer\chrmstp.exe [2024-03-13] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2023-11-16]
ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Scarlet.Crush Productions) [File not signed]

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A586464B-1C0B-4C6B-B41F-2326CF3589FB} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {5E34B909-9A52-4865-BDBD-B897AA89CF92} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F47AA8C2-369F-48BF-A8B2-4805FCE6D29E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A418831-81E3-413B-B532-E16F0AEFA1B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2F8FB0D-1AEF-44E1-AC68-4115778E6A4B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {864F3A59-9063-4D91-9E83-6B60F4764706} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C27CB30-0792-4BD1-85E9-424ADF68C7D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB5C9A94-1D11-4198-B84D-717C42035532} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D02BC8F4-4DB1-4744-BB50-8E20F43811A3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {563A8251-AD39-433F-A7C7-AC7C2AA1B402} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {20615B0A-257E-4FB6-9EF1-87BFEBACCBFE} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1100223-0CF2-4641-A2AB-7B402662D20F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {914A219D-7963-4543-9885-1F16CF4AF0BA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {4EC054BD-ADF2-4CA5-A888-591C366F8B6F} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [291768 2023-05-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {02776A18-1449-41A4-85BD-EA589F8FC419} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2c1f5d8d-c472-4be5-bf65-1aa1ea30054c}: [DhcpNameServer] 192.168.2.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Boss\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]

FireFox:
========
FF DefaultProfile: 5og8wrwc.default
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\5og8wrwc.default [2024-03-11]
FF ProfilePath: C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\wl6337xl.default-release [2024-03-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default [2024-03-13]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.filehorse.com; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-23]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-11]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-09-16]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-13]
CHR Profile: C:\Users\Boss\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-13]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncHelper.exe [3516848 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\OneDriveUpdaterService.exe [3853744 2024-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 QHActiveDefense; "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" [X]
S4 QHProtected; "C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [100592 2023-12-21] (Microsoft Windows Hardware Compatibility Publisher -> 360.cn)
R3 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [96424 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [77240 2022-07-18] (Advanced Micro Devices Inc. -> AMD)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0392064.inf_amd64_f5afb73c644105f0\B392017\amdkmdag.sys [100296072 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [47200 2023-11-16] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2023-05-23] (ASUSTeK Computer Inc. -> )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-29] (Microsoft Windows -> Microsoft Corporation)
R3 360Box64; system32\DRIVERS\360Box64.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-13 16:47 - 2024-03-13 16:47 - 000000000 ___HD C:\$WinREAgent
2024-03-12 22:38 - 2024-03-12 22:40 - 000000000 ____D C:\Users\Boss\Desktop\Nová složka (2)
2024-03-12 21:46 - 2024-03-12 21:47 - 000000000 ____D C:\Windows\Tasks\360Disabled
2024-03-12 20:16 - 2024-03-13 17:32 - 000000000 ____D C:\ProgramData\360Quarant
2024-03-12 20:14 - 2024-02-01 06:14 - 000349928 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys.951
2024-03-12 20:14 - 2023-12-21 05:38 - 000553712 _____ (360.cn) C:\Windows\system32\Drivers\360FsFlt.sys.675
2024-03-12 20:14 - 2023-12-21 05:38 - 000100592 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys.000
2024-03-12 20:14 - 2023-03-15 09:02 - 000096424 ____N (360.cn) C:\Windows\system32\Drivers\360netmon.sys
2024-03-12 20:13 - 2024-03-12 20:13 - 000000000 ____D C:\Program Files (x86)\360
2024-03-11 20:54 - 2024-03-11 20:54 - 000259224 _____ C:\Users\Boss\Downloads\aircraft-sales-item.webp
2024-03-11 20:47 - 2024-03-11 20:47 - 000088476 _____ C:\Users\Boss\Downloads\letadlo-cestovani.jpeg
2024-03-11 20:47 - 2024-03-11 20:47 - 000080090 _____ C:\Users\Boss\Downloads\image.webp
2024-03-11 20:47 - 2024-03-11 20:47 - 000070770 _____ C:\Users\Boss\Downloads\letadla.webp
2024-03-11 20:39 - 2024-03-11 20:39 - 000161735 _____ C:\Users\Boss\Downloads\dánsko.jpeg
2024-03-11 20:26 - 2024-03-11 20:26 - 001645116 _____ C:\Users\Boss\Downloads\ee2a8173dc4f6253bebe62bb07c6b10e.jpeg
2024-03-11 20:26 - 2024-03-11 20:26 - 000090756 _____ C:\Users\Boss\Downloads\shutterstock_445892848_1200x.webp
2024-03-11 20:25 - 2024-03-11 20:25 - 000024746 _____ C:\Users\Boss\Downloads\2koru.webp
2024-03-11 20:14 - 2024-03-11 20:14 - 000462712 _____ C:\Users\Boss\Downloads\newFile.avif
2024-03-11 20:11 - 2024-03-11 20:11 - 000075324 _____ C:\Users\Boss\Downloads\Image-1-Amtraks-Airo-Passenger-Train-1.webp
2024-03-11 20:11 - 2024-03-11 20:11 - 000040861 _____ C:\Users\Boss\Downloads\high-speed-train-motion-railway-station-sunset-generative-ai_527096-24567.avif
2024-03-11 19:51 - 2024-03-11 21:20 - 011960210 _____ C:\Users\Boss\Desktop\Traveling.pptx
2024-03-11 18:49 - 2024-03-11 18:49 - 000138929 _____ C:\Users\Boss\Downloads\1967-Chevrolet-Impala-Supernatural-Cropped.avif
2024-03-11 18:49 - 2024-03-11 18:49 - 000079354 _____ C:\Users\Boss\Downloads\Supernatural-Jensen-Ackles-Dean-Winchester-with-Impala.avif
2024-03-11 18:49 - 2024-03-11 18:49 - 000059364 _____ C:\Users\Boss\Downloads\Supernatural.webp
2024-03-11 18:48 - 2024-03-11 18:48 - 000087098 _____ C:\Users\Boss\Downloads\wp2353934.webp
2024-03-11 18:11 - 2024-03-11 18:11 - 000000008 _____ C:\ProgramData\ntuser.pol
2024-03-11 18:08 - 2024-03-13 17:32 - 000000000 ____D C:\Users\Boss\Desktop\FRST-OlderVersion
2024-03-11 18:08 - 2024-03-11 18:09 - 000007324 _____ C:\Users\Boss\Desktop\Fixlog.txt
2024-03-10 20:33 - 2024-03-10 20:34 - 000000000 ____D C:\AdwCleaner
2024-03-10 20:32 - 2024-03-10 20:32 - 008790880 _____ (Malwarebytes) C:\Users\Boss\Desktop\adwcleaner.exe
2024-03-10 18:20 - 2024-03-10 18:22 - 000049729 _____ C:\Users\Boss\Desktop\Addition.txt
2024-03-10 18:19 - 2024-03-13 17:35 - 000018069 _____ C:\Users\Boss\Desktop\FRST.txt
2024-03-10 18:17 - 2024-03-13 17:34 - 000000000 ____D C:\FRST
2024-03-10 18:15 - 2024-03-13 17:32 - 002390528 _____ (Farbar) C:\Users\Boss\Desktop\FRST64.exe
2024-03-10 17:40 - 2024-03-10 17:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-24 22:04 - 2024-02-24 23:37 - 000000000 ____D C:\Users\Boss\Desktop\Chlapec
2024-02-24 16:43 - 2024-03-11 21:20 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\PowerPoint
2024-02-16 21:11 - 2024-02-16 21:11 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 21:10 - 2024-02-16 21:10 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-13 17:34 - 2023-09-09 13:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-13 17:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-13 17:33 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 17:31 - 2023-05-23 13:07 - 000000000 ____D C:\Users\Boss\AppData\Local\ClassicShell
2024-03-13 17:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:20 - 2023-12-28 19:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-13 17:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-13 16:56 - 2023-06-02 12:58 - 000000000 ____D C:\Users\Boss\AppData\Roaming\.minecraft
2024-03-13 16:52 - 2023-06-02 13:00 - 000000000 ____D C:\Users\Boss\AppData\Roaming\.tlauncher
2024-03-13 16:50 - 2023-05-23 13:03 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-13 16:50 - 2022-09-08 04:11 - 000000000 ____D C:\Windows\SystemTemp
2024-03-13 16:49 - 2023-05-23 13:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-13 16:49 - 2023-05-23 13:04 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-13 16:32 - 2023-05-23 13:01 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 16:29 - 2023-05-23 13:00 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-13 16:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-13 16:18 - 2023-06-05 09:11 - 000003096 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-03-13 16:18 - 2023-06-05 09:11 - 000003088 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-03-12 23:07 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-12 22:40 - 2023-06-11 16:08 - 000000000 ____D C:\Users\Boss\Desktop\obrásky
2024-03-12 22:39 - 2023-05-24 14:43 - 000000000 ____D C:\Users\Boss\AppData\Roaming\vlc
2024-03-12 22:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-12 22:32 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-12 20:14 - 2023-05-23 13:02 - 000000000 ____D C:\Users\Boss\AppData\Local\D3DSCache
2024-03-12 18:35 - 2023-10-28 13:19 - 000000000 ____D C:\Users\Boss\Desktop\Mafia fail
2024-03-11 21:25 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss
2024-03-11 21:24 - 2021-05-22 23:12 - 000002444 _____ C:\Users\Boss\Desktop\Microsoft Edge.lnk
2024-03-11 21:22 - 2021-05-22 23:12 - 000000000 ____D C:\Users\Boss\AppData\Local\ConnectedDevicesPlatform
2024-03-11 21:21 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Teams
2024-03-11 21:21 - 2023-10-30 20:22 - 000000000 ____D C:\Users\Boss\AppData\Local\SquirrelTemp
2024-03-11 19:51 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Office
2024-03-11 19:17 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\UProof
2024-03-11 18:26 - 2023-10-30 20:23 - 000002398 _____ C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2024-03-11 18:15 - 2023-10-06 13:42 - 000000000 ____D C:\Program Files\RUXIM
2024-03-11 18:15 - 2023-05-23 12:49 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-11 18:15 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2024-03-11 18:15 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2024-03-11 18:11 - 2023-12-18 20:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-11 18:11 - 2021-05-22 23:09 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-11 18:11 - 2021-05-22 23:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-11 18:10 - 2023-05-23 12:57 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-03-11 18:10 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2024-03-11 18:09 - 2023-06-20 12:15 - 000000000 ____D C:\Users\Boss\AppData\LocalLow\Temp
2024-03-11 18:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-03-10 17:40 - 2023-12-17 18:06 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-10 17:34 - 2021-05-22 23:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-10 17:31 - 2023-05-23 12:53 - 000000000 ____D C:\Users\Boss\AppData\Local\AMD_Common
2024-03-10 17:28 - 2023-12-17 17:55 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-10 17:28 - 2023-12-17 17:55 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-10 17:28 - 2023-05-23 12:47 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4194677476-3627657768-3988829947-1001
2024-03-10 17:28 - 2021-05-22 23:09 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-10 17:28 - 2021-05-22 23:09 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-29 18:09 - 2021-05-22 23:09 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Word
2024-02-27 17:02 - 2023-06-05 09:34 - 000000000 ____D C:\Users\Boss\AppData\Roaming\Microsoft\Excel
2024-02-27 16:50 - 2023-09-16 18:09 - 000000000 ____D C:\Users\Boss\AppData\Local\CrashDumps
2024-02-25 14:12 - 2024-01-13 17:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-25 14:12 - 2023-09-09 13:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-25 14:12 - 2021-05-22 23:09 - 000454096 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-25 00:30 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-25 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-24 15:20 - 2023-09-10 12:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-16 21:10 - 2021-05-22 23:13 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 20:23 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM

==================== Files in the root of some directories ========

2023-11-15 16:58 - 2023-11-15 16:58 - 010571443 _____ () C:\Program Files (x86)\SCP-DS-Driver-Package-1.2.0.160.7z
2023-06-02 10:04 - 2023-06-02 10:04 - 000000001 _____ () C:\Users\Boss\AppData\Local\llftool.4.40.agreement

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Spontaneous mouse movement and spontaneous browser opening

Posted: 13 Mar 2024 17:48
by Rudy
Try deleting this file: C:\Users\Boss\AppData\Local\Microsoft\Teams\Update.exe.