Prosím o kontrolu logu
Napsal: 27 bře 2024 15:48
Dnes jsem otevřel pochybný email neměl žádnou přílohu. Nainstaloval jsem ihned eset a ten ted opakovaně vyskakuje hláška zablokován útok ARP Cache Poisoing zařízení (192.168.1.10) nicméně když jsem šel do routeru zobrazuje se mi tato ip jako má televize a při skenu nalezl Čas;Skener;Typ objektu;Objekt;Detekce;Akce;Uživatel;Informace;Hash;První výskyt
27.03.2024 16:14:34;HTTP filtr;soubor;https://jootizud.net/pfe/current/tag.mi ... ed.Agent.L podezřelá aplikace;přerušeno spojení;ZALMAN-PC\petrs;Tato událost nastala při pokusu o přístup na web aplikací: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (A3C06B947549921D60D59917575DF5EE5DFC472A).;C3C68A1B3FEC1DE7F1DD9AD78CE9BA8CB6CA2286;
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by petrs (administrator) on ZALMAN-PC (Micro-Star International Co., Ltd. MS-7B93) (27-03-2024 15:44:18)
Running from C:\Users\petrs\Desktop\FRST64.exe
Loaded Profiles: petrs
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe <2>
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe [1951632 2023-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196016 2024-03-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [MicrosoftEdgeAutoLaunch_C8232F012CA43EDA63AF8D019F227CEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {399B43F5-1228-4711-AB4C-129BC36CDA2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {14EEFDE1-83F4-42B5-9F79-A98B61DC1A29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DD64EFEC-3053-48B3-B723-5750FCB60292} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17ef4122-613d-4c33-aeff-6851f77dacdc" --version "6.17.10746" --silent
Task: {B2F56437-8C34-467D-9118-010D0C3F63D2} - System32\Tasks\CCleanerSkipUAC - petrs => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F2A18D04-40CB-4948-A4E6-2C188D3D3A25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31008 2023-08-28] (Garmin International, Inc. -> )
Task: {9B1F60EF-5E7F-4CC9-B744-85F80873659D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {C8EFF6FD-9206-4C41-A73A-C28FF3F660DE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {63A08CFA-7515-407A-B831-D1D1EBB87F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BC130E2-FF6F-492F-BFF0-6270A7F06418} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0B79C08-79BB-46A8-9855-A88FFD95C568} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15636897-284F-4CD3-93DE-843B4536F239} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9530E009-2B61-4644-B69C-F754B8CC191C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170136 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {662472C2-6CCA-4CBB-91AB-2A0BEE3A412F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {648AC316-16F7-4EF3-A0B5-0E576869DC1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {B5DB29EA-E21F-476A-9A75-64EFAC04A25B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A3A1D2A0-F5B4-4098-AED7-D929EB2B0080} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03F4E411-B084-4494-B0A8-A3A41917110D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {91BA0E52-6B58-4C1A-8031-44ACE5CA6AD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F69E5F6-22E8-466A-AE63-B06ED5AAB17B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B8B94C-E059-4B26-BCE0-8C6A7ECFB245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04417C82-AEB0-49FB-9CA1-E9DD3839DDAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB336857-72A4-4BC7-855D-C26FF16E0F21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F92BCC29-8EA7-4146-8E85-EE15F428560F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D74176-E9A1-4792-9DF9-65DF22201D67} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {26998442-F9D7-4310-81AB-DA99388D4B84} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35a168d9-1984-429c-9a8a-e56395f3eb51}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de550de4-89a9-46b5-bdc1-069d2be646cf}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-27]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2024-03-10]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-03-27]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: gdl9l20v.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\gdl9l20v.default [2023-05-04]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release [2024-03-27]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2023-05-04]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-27]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18545408 2024-03-06] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [218432 2024-03-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121304 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2024-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [259752 2024-03-25] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57832 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84120 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [125952 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 15:44 - 2024-03-27 15:44 - 000023935 _____ C:\Users\petrs\Desktop\FRST.txt
2024-03-27 15:43 - 2024-03-27 15:44 - 000000000 ____D C:\FRST
2024-03-27 15:42 - 2024-03-27 15:43 - 002391552 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2024-03-27 15:09 - 2024-03-27 15:09 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-03-27 15:07 - 2024-03-27 15:07 - 000000000 ____D C:\Users\petrs\AppData\Local\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\Program Files\ESET
2024-03-27 11:01 - 2024-03-27 11:01 - 000000000 ___HD C:\OneDriveTemp
2024-03-25 19:28 - 2024-03-25 19:30 - 1455116713 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [1080p][Multiple Subtitle][9A1B5F9A].mkv
2024-03-25 19:28 - 2024-03-25 19:29 - 1443718225 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (1080p) [8E8A3480].mkv
2024-03-25 19:28 - 2024-03-25 19:28 - 000031910 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (720p) [732D5AD4].ass
2024-03-25 19:27 - 2024-03-25 19:27 - 000022908 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [720p][Multiple Subtitle][5BF36326].ass
2024-03-25 18:17 - 2024-03-25 18:17 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-25 18:17 - 2024-03-25 18:17 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-25 13:27 - 2024-03-25 13:27 - 000259752 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000218432 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000125952 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000121304 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000084120 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000057832 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2024-03-17 23:25 - 2024-03-17 23:29 - 1634514431 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 19 (1080p) [7F0307E9].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1543821013 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 22 (1080p) [841BED2C].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1537764566 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 20 (1080p) [AF8AE360].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1441065815 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 23 (1080p) [ECD81383].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1439089554 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 21 (1080p) [4EA64D0E].mkv
2024-03-17 23:25 - 2024-03-17 23:25 - 000041949 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 21 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038818 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 20 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038361 _____ C:\Users\petrs\Downloads\[Subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 22 [BRZK].ass
2024-03-17 23:24 - 2024-03-17 23:24 - 000043781 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 19 [BRZK].ass
2024-03-17 12:19 - 2024-03-17 12:21 - 1472280553 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [1080p][Multiple Subtitle][A9FB951C].mkv
2024-03-17 12:19 - 2024-03-17 12:21 - 1446510149 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (1080p) [5EB1F3AB].mkv
2024-03-17 12:19 - 2024-03-17 12:19 - 000032894 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [720p][Multiple Subtitle][C628981E].ass
2024-03-17 12:18 - 2024-03-17 12:18 - 000032480 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (720p) [9DC5A493].ass
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 10:15 - 2024-03-13 10:16 - 000000000 ___HD C:\$WinREAgent
2024-03-10 08:54 - 2024-03-10 08:56 - 1473031609 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [1080p][Multiple Subtitle][2948F80F].mkv
2024-03-10 08:54 - 2024-03-10 08:54 - 000034556 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [720p][Multiple Subtitle][1B63B228].ass
2024-03-09 14:36 - 2024-03-09 14:38 - 1446313464 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (1080p) [E2851279].mkv
2024-03-09 14:36 - 2024-03-09 14:36 - 000034901 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (720p) [1A67B818].ass
2024-03-07 13:02 - 2024-03-07 13:02 - 001059500 _____ C:\Users\petrs\Downloads\Faktura_objednávka ES01651_dobropis.pdf
2024-03-07 12:39 - 2024-03-07 12:42 - 000239316 _____ C:\Users\petrs\Downloads\Formulář pro odstoupení od kupní smlouvy.pdf
2024-03-07 09:30 - 2024-03-07 09:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-07 09:23 - 2024-03-07 09:23 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-03-03 10:09 - 2024-03-03 10:11 - 1473157029 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [1080p][Multiple Subtitle][58CC8C8A].mkv
2024-03-03 10:09 - 2024-03-03 10:09 - 000031871 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [720p][Multiple Subtitle][C7393F9D].ass
2024-03-02 17:32 - 2024-03-02 17:34 - 001221812 ____H C:\Users\petrs\Downloads\.52ea00a70119d22fae99c0401353f27ed9fcf95b.parts
2024-03-02 17:32 - 2024-03-02 17:32 - 000000000 ____D C:\Users\petrs\Downloads\Hello World and Another World (2019) [1080p]
2024-03-02 17:29 - 2024-03-02 17:30 - 1445409432 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (1080p) [8579C6AE].mkv
2024-03-02 17:29 - 2024-03-02 17:29 - 000086728 _____ C:\Users\petrs\Downloads\[EMBER _ AnimeKayo] Hello World - 01 [WOSUBS].ass
2024-03-02 17:28 - 2024-03-02 17:28 - 000034164 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (720p) [97AD02E8].ass
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 15:33 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-27 15:10 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2024-03-27 15:10 - 2023-04-14 19:25 - 000000000 ____D C:\ProgramData\Packages
2024-03-27 15:10 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-27 15:08 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 15:07 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2024-03-27 15:07 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-27 15:07 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-27 15:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-27 15:05 - 2023-10-21 19:18 - 000000000 ____D C:\Windows\Minidump
2024-03-27 15:05 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2024-03-27 15:04 - 2023-10-19 19:56 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 14:55 - 2023-04-22 08:54 - 000000000 ____D C:\Users\petrs\Documents\Sticky Passwords
2024-03-27 13:21 - 2023-04-22 08:29 - 000000000 ____D C:\Users\petrs\AppData\Local\LogiOptionsPlus
2024-03-27 12:26 - 2023-04-14 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-27 12:26 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-27 11:01 - 2023-04-14 20:08 - 000000000 ___RD C:\Users\petrs\OneDrive
2024-03-26 08:16 - 2023-04-27 20:05 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2024-03-26 08:15 - 2023-04-23 10:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-26 08:15 - 2023-04-22 09:31 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 08:15 - 2023-04-22 09:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-26 08:15 - 2023-04-14 20:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001
2024-03-25 22:16 - 2023-04-27 19:43 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2024-03-25 21:18 - 2023-04-14 19:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 21:18 - 2023-04-14 19:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 21:17 - 2023-04-22 09:35 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Word
2024-03-25 20:44 - 2023-10-25 15:13 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Excel
2024-03-25 18:17 - 2023-04-14 19:38 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-25 18:10 - 2023-04-14 19:25 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-03-25 18:10 - 2023-04-14 19:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-25 18:10 - 2023-04-14 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-25 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-21 12:45 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2024-03-20 20:24 - 2023-06-24 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-20 20:24 - 2023-06-24 19:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-20 20:24 - 2023-06-24 19:59 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-19 19:28 - 2023-07-10 20:28 - 000002227 _____ C:\Users\petrs\Desktop\Discord.lnk
2024-03-19 14:34 - 2023-04-22 09:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-18 01:09 - 2023-04-14 20:01 - 000000000 ____D C:\Users\petrs
2024-03-17 19:15 - 2023-06-24 20:15 - 000000000 ____D C:\Users\petrs\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:23 - 2024-02-16 15:23 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-17 11:23 - 2023-05-06 20:20 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-17 11:21 - 2023-04-14 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:21 - 2023-04-14 19:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-13 14:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 14:33 - 2023-04-14 19:23 - 000350632 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 14:32 - 2024-02-01 16:15 - 000000000 ____D C:\Windows\en-GB
2024-03-13 14:32 - 2023-10-11 20:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 14:32 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-13 14:32 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 11:22 - 2023-05-10 15:32 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 11:21 - 2023-04-22 11:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 10:20 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 10:18 - 2023-04-14 19:25 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 23:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 15:45:29)
Running from C:\Users\petrs\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2023-04-14 18:25:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2785552240-912787919-3056475977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2785552240-912787919-3056475977-503 - Limited - Disabled)
Guest (S-1-5-21-2785552240-912787919-3056475977-501 - Limited - Disabled)
petrs (S-1-5-21-2785552240-912787919-3056475977-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2785552240-912787919-3056475977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{2D6E4C69-7E20-4EF0-938E-9C4887D6C8BB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{A154BCFF-4EEF-4136-AAD0-98FB2FC765B5}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{46FD9D9F-B21B-4A16-A0EE-29054278C714}) (Version: 17.1.9.0 - ESET, spol. s r.o.)
Fallout 4 v.1.10.163.0.1 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Garmin Express (HKLM-x32\...\{0029982a-8785-49de-8510-2f4cc7385907}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E4FDC1CC-D41D-4ABE-B0A9-D63A375BD45B}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6c1d0e1a-8811-4048-902c-f970d54b83f4}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.66.531337 - Logitech)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.5.2.2 - GOG.com)
Metro Exodus - Sam's Story (HKLM-x32\...\1414471894_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus - The Two Colonels (HKLM-x32\...\2063590233_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus (HKLM-x32\...\1407287452_is1) (Version: 3.0.7.24 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Northgard verze 3.2.8.34322 (HKLM\...\{6E63E6E3-B8E8-4D19-8FD2-E644C2CDBA37}_is1) (Version: 3.2.8.34322 - Threadt)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.8.4.1676 (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.4.1676 - Lamantine Software)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-17] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-03-27] (Sparse Package)
ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-03-13] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2402.801.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-27] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-04-22] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2785552240-912787919-3056475977-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\nvshext.dll [2023-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\petrs\Desktop\НастройкиFallout 4.lnk -> E:\Hry\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2024-03-27 15:06 - 2024-03-27 15:06 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\Control Panel\Desktop\\Wallpaper -> D:\Všechny rodinné fotky nemazat !!!\Stanovnice 2008 Léto\Stanovnice VII 08 029.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6CB0B561-0592-4BDD-B619-C8E3E07EF0B2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{61BF0263-F05F-46B4-82EB-E034471D1499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9731812-D9FF-4110-916A-A7A3544E5CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F59F503-46C1-46D2-8CD3-21C1BFF0452E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{791FB0FB-49C8-4DD7-9262-3225200D8D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0026DF3C-A56E-4976-AB96-623922E24110}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D0C5721-3482-4F65-9865-040F76573A61}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07BFE2C2-E517-440D-8BDE-23B5C89599A2}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2A2E3C9-3903-4197-9DA0-0FAD0BF3207F}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7568F6F9-8484-41E4-9520-91264DE98029}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{7E3DBE9D-BAE8-4684-B64F-AED4E5DC4DAB}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{16823495-B5F8-4CC7-A7DA-745790937911}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{65EC1B8C-8BA9-4A74-8041-ED68689A1C08}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [TCP Query User{11F9593C-1625-4C08-B581-7088DC39C9AA}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{C3DF1A79-951C-4DC2-A8E2-B65F0082CB7C}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{8FAF17B1-78CC-4D89-8EBB-D9CFA076458B}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E199DE-CCEC-4588-80A6-B668E569F5FD}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9F9F1179-26C7-47F8-8144-E72ECF52E1C4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{5A9F8DF5-3C82-48DB-94E3-C5892CD675A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [TCP Query User{36FC7988-02DF-4B1A-8004-9E58126B1BF0}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1AE7DD89-F5AF-42F4-9261-2407562E1C4E}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B5FAA428-A6A5-457E-B7D3-91CD6A7421B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EA6C1E4-3D86-4C5F-8826-960E94001B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5A36F7-DB24-48EF-974E-786496C25D2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3708D0F-88E0-4A06-9A4E-C34B7AA77CC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C028B2F-6CA0-43FC-90A1-B077890DB941}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{14EB1F0D-D709-447F-AFEA-3DFB9DE8C7D8}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{39099541-348F-4A81-AB48-E6463C8595CB}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{170B4B36-F066-464E-A87B-77152AAD1D65}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BDB27A2-3FBF-4A89-B5A0-FB719085ED1F}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{576BF63F-5185-46B9-A64F-8ED0A8058634}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{37FF988B-AEAD-4FF7-AAA3-4F80109B6265}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{03C1901D-BC4E-4A29-BD3C-3B49F071F705}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{01913BD6-F5FD-473D-8472-00ED116DF64E}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E8DD902F-C4E2-4213-A417-F3FB61BF1E6C}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7D17A44-A388-4C87-94F0-BAA02D25495F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{6BF4BB4A-2728-458F-9511-BAE85BA9A629}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D466CB32-501C-4F87-BE9E-3398D44603C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4BDA6956-6C89-4C22-8350-407A1599E75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF4B2994-DE1F-4A50-981D-B5B5A32A95F1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D14BAB15-B22D-44B4-B783-7F3951C93A2A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C3FA3B-6D44-45D2-8AF9-53191D30FDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E0AF9CC-6371-40B2-B876-A998C8695B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFC12E27-E3AC-4443-8130-4825CDFA0B9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BEFFD99-5131-4B8B-A405-E679477FDCE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBAA3A03-4AF7-4DA0-9200-15CE44886608}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{133A1A31-1ADB-4008-B414-E8ACE8990D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755FD29A-3361-45E5-BF66-C0805414D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B372E5DD-3D78-49F0-A5BB-4567C6282AF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E0D6DD9-20B5-460F-9D52-1DE6382C9C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943667F-B38C-46D9-B807-9973C1B63E1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
20-03-2024 18:38:26 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:41 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
System errors:
=============
Error: (03/26/2024 11:04:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (03/26/2024 11:04:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.
Error: (03/25/2024 06:26:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.
Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service byla neočekávaně ukončena. Tento stav nastal již 6krát.
Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 5 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:10:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 4 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2024-03-27 11:49:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {065A7352-698C-42A3-B0D6-0EB3AA01C6A8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-26 11:04:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05952EFA-7104-4861-9F9A-ED72BFCC57E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-19 14:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {967023EF-3810-4877-8EF7-3378CD26B578}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-18 09:22:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3B22F4A7-74BB-4F2D-B5A0-388E15E0B88D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-17 14:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8F131DA7-2EBB-4FDF-BE68-C8309F699900}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2024-03-27 15:10:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2024-03-27 15:09:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-03-27 15:09:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-02-18 16:15:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-12-04 18:08:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.I0 03/01/2023
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 16303.47 MB
Available physical RAM: 10054.13 MB
Total Virtual: 26543.47 MB
Available Virtual: 18137.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.79 GB) (Free:691.53 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1102.47 GB) (Model: HGST HUS722T2TALA604) NTFS
Drive e: (Místní disk E) (Fixed) (Total:465.65 GB) (Free:221.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
\\?\Volume{e26e90c5-7abc-48fe-a1d0-cdb7280b4b78}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{aed9f27e-b2dc-40a4-a67e-a9c26c3a08fc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1F09C536)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
27.03.2024 16:14:34;HTTP filtr;soubor;https://jootizud.net/pfe/current/tag.mi ... ed.Agent.L podezřelá aplikace;přerušeno spojení;ZALMAN-PC\petrs;Tato událost nastala při pokusu o přístup na web aplikací: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (A3C06B947549921D60D59917575DF5EE5DFC472A).;C3C68A1B3FEC1DE7F1DD9AD78CE9BA8CB6CA2286;
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by petrs (administrator) on ZALMAN-PC (Micro-Star International Co., Ltd. MS-7B93) (27-03-2024 15:44:18)
Running from C:\Users\petrs\Desktop\FRST64.exe
Loaded Profiles: petrs
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_appbroker.exe
(C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <12>
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(explorer.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe <2>
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.310.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5349479f7c9fe8a6\RtkAudUService64.exe [1951632 2023-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196016 2024-03-25] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72104 2023-12-18] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [MicrosoftEdgeAutoLaunch_C8232F012CA43EDA63AF8D019F227CEA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {399B43F5-1228-4711-AB4C-129BC36CDA2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {14EEFDE1-83F4-42B5-9F79-A98B61DC1A29} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DD64EFEC-3053-48B3-B723-5750FCB60292} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "17ef4122-613d-4c33-aeff-6851f77dacdc" --version "6.17.10746" --silent
Task: {B2F56437-8C34-467D-9118-010D0C3F63D2} - System32\Tasks\CCleanerSkipUAC - petrs => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F2A18D04-40CB-4948-A4E6-2C188D3D3A25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31008 2023-08-28] (Garmin International, Inc. -> )
Task: {9B1F60EF-5E7F-4CC9-B744-85F80873659D} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {C8EFF6FD-9206-4C41-A73A-C28FF3F660DE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-08] (HP Inc. -> HP Inc.)
Task: {63A08CFA-7515-407A-B831-D1D1EBB87F96} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BC130E2-FF6F-492F-BFF0-6270A7F06418} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0B79C08-79BB-46A8-9855-A88FFD95C568} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15636897-284F-4CD3-93DE-843B4536F239} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309184 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9530E009-2B61-4644-B69C-F754B8CC191C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170136 2024-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {662472C2-6CCA-4CBB-91AB-2A0BEE3A412F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671648 2024-02-18] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {648AC316-16F7-4EF3-A0B5-0E576869DC1C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {B5DB29EA-E21F-476A-9A75-64EFAC04A25B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A3A1D2A0-F5B4-4098-AED7-D929EB2B0080} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {03F4E411-B084-4494-B0A8-A3A41917110D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {91BA0E52-6B58-4C1A-8031-44ACE5CA6AD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F69E5F6-22E8-466A-AE63-B06ED5AAB17B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8B8B94C-E059-4B26-BCE0-8C6A7ECFB245} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {04417C82-AEB0-49FB-9CA1-E9DD3839DDAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BB336857-72A4-4BC7-855D-C26FF16E0F21} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F92BCC29-8EA7-4146-8E85-EE15F428560F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D74176-E9A1-4792-9DF9-65DF22201D67} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {26998442-F9D7-4310-81AB-DA99388D4B84} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35a168d9-1984-429c-9a8a-e56395f3eb51}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{de550de4-89a9-46b5-bdc1-069d2be646cf}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-27]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-08]
Edge Extension: (Popup Blocker (strict)) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhfkkgjgpcplfeajghagkcebakjcpge [2024-03-10]
Edge Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbipmfkjgjhibkepepeneigpkfeikikp [2024-02-28]
Edge Extension: (Edge relevant text changes) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-03-27]
Edge Extension: (Hlídač Shopů) - C:\Users\petrs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: gdl9l20v.default
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\gdl9l20v.default [2023-05-04]
FF ProfilePath: C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release [2024-03-27]
FF Extension: (Sticky Password - správce hesel) - C:\Users\petrs\AppData\Roaming\Mozilla\Firefox\Profiles\7wzm0yq2.default-release\Extensions\{ecb80162-dfbd-4d91-a8da-17b35ba4707a}.xpi [2023-05-04]
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-27]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4973904 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136552 2023-08-22] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-03-25] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903416 2024-03-25] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [375248 2023-12-26] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [2348000 2023-04-13] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-04-13] (GOG sp. z o.o -> GOG.com)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
R2 OptionsPlusUpdaterService; C:\Program Files\LogiOptionsPlus\logioptionsplus_updater.exe [18545408 2024-03-06] (Logitech Inc -> Logitech, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [218432 2024-03-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121304 2024-03-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2024-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [259752 2024-03-25] (ESET, spol. s r.o. -> ESET)
S2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57832 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [84120 2024-03-25] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [125952 2024-03-25] (ESET, spol. s r.o. -> ESET)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [86224 2022-08-19] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20928 2024-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [603416 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 15:44 - 2024-03-27 15:44 - 000023935 _____ C:\Users\petrs\Desktop\FRST.txt
2024-03-27 15:43 - 2024-03-27 15:44 - 000000000 ____D C:\FRST
2024-03-27 15:42 - 2024-03-27 15:43 - 002391552 _____ (Farbar) C:\Users\petrs\Desktop\FRST64.exe
2024-03-27 15:09 - 2024-03-27 15:09 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-03-27 15:07 - 2024-03-27 15:07 - 000000000 ____D C:\Users\petrs\AppData\Local\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\ProgramData\ESET
2024-03-27 15:06 - 2024-03-27 15:06 - 000000000 ____D C:\Program Files\ESET
2024-03-27 11:01 - 2024-03-27 11:01 - 000000000 ___HD C:\OneDriveTemp
2024-03-25 19:28 - 2024-03-25 19:30 - 1455116713 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [1080p][Multiple Subtitle][9A1B5F9A].mkv
2024-03-25 19:28 - 2024-03-25 19:29 - 1443718225 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (1080p) [8E8A3480].mkv
2024-03-25 19:28 - 2024-03-25 19:28 - 000031910 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 12 (720p) [732D5AD4].ass
2024-03-25 19:27 - 2024-03-25 19:27 - 000022908 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 11 [720p][Multiple Subtitle][5BF36326].ass
2024-03-25 18:17 - 2024-03-25 18:17 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-03-25 18:17 - 2024-03-25 18:17 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-03-25 13:27 - 2024-03-25 13:27 - 000259752 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000218432 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000125952 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000121304 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000084120 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-03-25 13:27 - 2024-03-25 13:27 - 000057832 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2024-03-17 23:25 - 2024-03-17 23:29 - 1634514431 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 19 (1080p) [7F0307E9].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1543821013 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 22 (1080p) [841BED2C].mkv
2024-03-17 23:25 - 2024-03-17 23:29 - 1537764566 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 20 (1080p) [AF8AE360].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1441065815 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 23 (1080p) [ECD81383].mkv
2024-03-17 23:25 - 2024-03-17 23:27 - 1439089554 _____ C:\Users\petrs\Downloads\[SubsPlease] Shangri-La Frontier - 21 (1080p) [4EA64D0E].mkv
2024-03-17 23:25 - 2024-03-17 23:25 - 000041949 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 21 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038818 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 20 [BRZK].ass
2024-03-17 23:25 - 2024-03-17 23:25 - 000038361 _____ C:\Users\petrs\Downloads\[Subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 22 [BRZK].ass
2024-03-17 23:24 - 2024-03-17 23:24 - 000043781 _____ C:\Users\petrs\Downloads\[subsplease] Shangri-La Frontier_ Kusoge Hunter, Kamige ni Idoman to su - 19 [BRZK].ass
2024-03-17 12:19 - 2024-03-17 12:21 - 1472280553 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [1080p][Multiple Subtitle][A9FB951C].mkv
2024-03-17 12:19 - 2024-03-17 12:21 - 1446510149 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (1080p) [5EB1F3AB].mkv
2024-03-17 12:19 - 2024-03-17 12:19 - 000032894 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 10 [720p][Multiple Subtitle][C628981E].ass
2024-03-17 12:18 - 2024-03-17 12:18 - 000032480 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 11 (720p) [9DC5A493].ass
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 10:18 - 2024-03-13 10:18 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 10:15 - 2024-03-13 10:16 - 000000000 ___HD C:\$WinREAgent
2024-03-10 08:54 - 2024-03-10 08:56 - 1473031609 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [1080p][Multiple Subtitle][2948F80F].mkv
2024-03-10 08:54 - 2024-03-10 08:54 - 000034556 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 09 [720p][Multiple Subtitle][1B63B228].ass
2024-03-09 14:36 - 2024-03-09 14:38 - 1446313464 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (1080p) [E2851279].mkv
2024-03-09 14:36 - 2024-03-09 14:36 - 000034901 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 10v2 (720p) [1A67B818].ass
2024-03-07 13:02 - 2024-03-07 13:02 - 001059500 _____ C:\Users\petrs\Downloads\Faktura_objednávka ES01651_dobropis.pdf
2024-03-07 12:39 - 2024-03-07 12:42 - 000239316 _____ C:\Users\petrs\Downloads\Formulář pro odstoupení od kupní smlouvy.pdf
2024-03-07 09:30 - 2024-03-07 09:30 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-07 09:23 - 2024-03-07 09:23 - 000000859 _____ C:\Users\Public\Desktop\Logi Options+.lnk
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-07 09:23 - 2024-03-07 09:23 - 000000000 ____D C:\Program Files\LogiOptionsPlus
2024-03-03 10:09 - 2024-03-03 10:11 - 1473157029 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [1080p][Multiple Subtitle][58CC8C8A].mkv
2024-03-03 10:09 - 2024-03-03 10:09 - 000031871 _____ C:\Users\petrs\Downloads\[Erai-raws] Ore dake Level Up na Ken - 08 [720p][Multiple Subtitle][C7393F9D].ass
2024-03-02 17:32 - 2024-03-02 17:34 - 001221812 ____H C:\Users\petrs\Downloads\.52ea00a70119d22fae99c0401353f27ed9fcf95b.parts
2024-03-02 17:32 - 2024-03-02 17:32 - 000000000 ____D C:\Users\petrs\Downloads\Hello World and Another World (2019) [1080p]
2024-03-02 17:29 - 2024-03-02 17:30 - 1445409432 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (1080p) [8579C6AE].mkv
2024-03-02 17:29 - 2024-03-02 17:29 - 000086728 _____ C:\Users\petrs\Downloads\[EMBER _ AnimeKayo] Hello World - 01 [WOSUBS].ass
2024-03-02 17:28 - 2024-03-02 17:28 - 000034164 _____ C:\Users\petrs\Downloads\[SubsPlease] Nozomanu Fushi no Boukensha - 09 (720p) [97AD02E8].ass
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-27 15:33 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-03-27 15:10 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\Packages
2024-03-27 15:10 - 2023-04-14 19:25 - 000000000 ____D C:\ProgramData\Packages
2024-03-27 15:10 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-27 15:08 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-27 15:07 - 2023-04-14 20:06 - 000000000 ____D C:\Users\petrs\AppData\Local\D3DSCache
2024-03-27 15:07 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-03-27 15:07 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-03-27 15:06 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-03-27 15:05 - 2023-10-21 19:18 - 000000000 ____D C:\Windows\Minidump
2024-03-27 15:05 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Roaming\discord
2024-03-27 15:04 - 2023-10-19 19:56 - 000000000 ____D C:\Program Files\CCleaner
2024-03-27 14:55 - 2023-04-22 08:54 - 000000000 ____D C:\Users\petrs\Documents\Sticky Passwords
2024-03-27 13:21 - 2023-04-22 08:29 - 000000000 ____D C:\Users\petrs\AppData\Local\LogiOptionsPlus
2024-03-27 12:26 - 2023-04-14 19:29 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-27 12:26 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-27 11:01 - 2023-04-14 20:08 - 000000000 ___RD C:\Users\petrs\OneDrive
2024-03-26 08:16 - 2023-04-27 20:05 - 000000000 ____D C:\Users\petrs\AppData\Roaming\vlc
2024-03-26 08:15 - 2023-04-23 10:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-26 08:15 - 2023-04-22 09:31 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-26 08:15 - 2023-04-22 09:31 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-26 08:15 - 2023-04-14 20:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2785552240-912787919-3056475977-1001
2024-03-25 22:16 - 2023-04-27 19:43 - 000000000 ____D C:\Users\petrs\AppData\Roaming\qBittorrent
2024-03-25 21:18 - 2023-04-14 19:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-25 21:18 - 2023-04-14 19:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-25 21:17 - 2023-04-22 09:35 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Word
2024-03-25 20:44 - 2023-10-25 15:13 - 000000000 ____D C:\Users\petrs\AppData\Roaming\Microsoft\Excel
2024-03-25 18:17 - 2023-04-14 19:38 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-25 18:10 - 2023-04-14 19:25 - 000001607 _____ C:\Windows\system32\config\VSMIDK
2024-03-25 18:10 - 2023-04-14 19:23 - 000012288 ___SH C:\DumpStack.log.tmp
2024-03-25 18:10 - 2023-04-14 19:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-25 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2024-03-21 12:45 - 2023-07-10 20:28 - 000000000 ____D C:\Users\petrs\AppData\Local\Discord
2024-03-20 20:24 - 2023-06-24 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-03-20 20:24 - 2023-06-24 19:59 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-20 20:24 - 2023-06-24 19:59 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-03-19 19:28 - 2023-07-10 20:28 - 000002227 _____ C:\Users\petrs\Desktop\Discord.lnk
2024-03-19 14:34 - 2023-04-22 09:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-18 01:09 - 2023-04-14 20:01 - 000000000 ____D C:\Users\petrs
2024-03-17 19:15 - 2023-06-24 20:15 - 000000000 ____D C:\Users\petrs\AppData\Roaming\com.adobe.dunamis
2024-03-17 11:23 - 2024-02-16 15:23 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy_4.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000706152 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000218728 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000206440 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-17 11:23 - 2023-05-06 20:20 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-17 11:23 - 2023-05-06 20:20 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-17 11:21 - 2023-04-14 19:24 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-17 11:21 - 2023-04-14 19:24 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-13 14:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-13 14:33 - 2023-04-14 19:23 - 000350632 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 14:32 - 2024-02-01 16:15 - 000000000 ____D C:\Windows\en-GB
2024-03-13 14:32 - 2023-10-11 20:58 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 14:32 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 14:32 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-03-13 14:32 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 11:22 - 2023-05-10 15:32 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 11:21 - 2023-04-22 11:07 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 10:20 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 10:18 - 2023-04-14 19:25 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-12 23:46 - 2023-04-14 19:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-03-08 13:36 - 2023-04-24 13:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by petrs (27-03-2024 15:45:29)
Running from C:\Users\petrs\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) (2023-04-14 18:25:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2785552240-912787919-3056475977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2785552240-912787919-3056475977-503 - Limited - Disabled)
Guest (S-1-5-21-2785552240-912787919-3056475977-501 - Limited - Disabled)
petrs (S-1-5-21-2785552240-912787919-3056475977-1001 - Administrator - Enabled) => C:\Users\petrs
WDAGUtilityAccount (S-1-5-21-2785552240-912787919-3056475977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
ANT Drivers Installer x64 (HKLM\...\{2D6E4C69-7E20-4EF0-938E-9C4887D6C8BB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2105 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2785552240-912787919-3056475977-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
Documentation Manager (HKLM\...\{30EDBBE7-D455-4B19-B6EC-EF0F4934ABFE}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{A154BCFF-4EEF-4136-AAD0-98FB2FC765B5}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epic Games Launcher (HKLM-x32\...\{C027033D-F5BC-4556-B302-84E6EC6BD4D4}) (Version: 1.3.67.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{46FD9D9F-B21B-4A16-A0EE-29054278C714}) (Version: 17.1.9.0 - ESET, spol. s r.o.)
Fallout 4 v.1.10.163.0.1 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Garmin Express (HKLM-x32\...\{0029982a-8785-49de-8510-2f4cc7385907}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E4FDC1CC-D41D-4ABE-B0A9-D63A375BD45B}) (Version: 7.18.1.0 - Garmin Ltd or its subsidiaries) Hidden
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.62.26 - GOG.com)
Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000180-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.180.0.2 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{6c1d0e1a-8811-4048-902c-f970d54b83f4}) (Version: 22.180.0.4 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logi Options+ (HKLM\...\{850cdc16-85df-4052-b06e-4e3e9e83c5c6}) (Version: 1.66.531337 - Logitech)
Medieval Dynasty (HKLM-x32\...\1224667888_is1) (Version: 1.5.2.2 - GOG.com)
Metro Exodus - Sam's Story (HKLM-x32\...\1414471894_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus - The Two Colonels (HKLM-x32\...\2063590233_is1) (Version: 3.0.7.24 - GOG.com)
Metro Exodus (HKLM-x32\...\1407287452_is1) (Version: 3.0.7.24 - GOG.com)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office pro studenty a domácnosti 2021 - cs-cz (HKLM\...\HomeStudent2021Retail - cs-cz) (Version: 16.0.17328.20184 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.2 - Mozilla)
Northgard verze 3.2.8.34322 (HKLM\...\{6E63E6E3-B8E8-4D19-8FD2-E644C2CDBA37}_is1) (Version: 3.2.8.34322 - Threadt)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password 8.8.4.1676 (HKLM-x32\...\Sticky Password_is1) (Version: 8.8.4.1676 - Lamantine Software)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-17] ()
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-20] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-03-27] (Sparse Package)
ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-03-13] (Disney)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams Play Together -> C:\Program Files\WindowsApps\Microsoft.TeamsXboxGameBarWidget_1.2402.801.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-13] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24022.90.0_x64__cw5n1h2txyewy [2024-03-27] (Microsoft Windows) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.7.2.0_x64__8wekyb3d8bbwe [2023-12-21] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-25] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-26] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-13] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-04-22] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2785552240-912787919-3056475977-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-11] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_04ffae6d80cb7adc\nvshext.dll [2023-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-03-25] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\petrs\Desktop\НастройкиFallout 4.lnk -> E:\Hry\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) <==== Cyrillic
==================== Loaded Modules (Whitelisted) =============
2024-03-27 15:06 - 2024-03-27 15:06 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-04-22 09:28 - 2023-04-22 09:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2785552240-912787919-3056475977-1001\Control Panel\Desktop\\Wallpaper -> D:\Všechny rodinné fotky nemazat !!!\Stanovnice 2008 Léto\Stanovnice VII 08 029.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{6CB0B561-0592-4BDD-B619-C8E3E07EF0B2}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{61BF0263-F05F-46B4-82EB-E034471D1499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F9731812-D9FF-4110-916A-A7A3544E5CF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F59F503-46C1-46D2-8CD3-21C1BFF0452E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{791FB0FB-49C8-4DD7-9262-3225200D8D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0026DF3C-A56E-4976-AB96-623922E24110}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8D0C5721-3482-4F65-9865-040F76573A61}] => (Allow) E:\Hry\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07BFE2C2-E517-440D-8BDE-23B5C89599A2}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2A2E3C9-3903-4197-9DA0-0FAD0BF3207F}] => (Allow) E:\Hry\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7568F6F9-8484-41E4-9520-91264DE98029}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{7E3DBE9D-BAE8-4684-B64F-AED4E5DC4DAB}] => (Allow) E:\Hry\steamapps\common\Hogwarts Legacy\HogwartsLegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{16823495-B5F8-4CC7-A7DA-745790937911}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [{65EC1B8C-8BA9-4A74-8041-ED68689A1C08}] => (Allow) E:\Hry\steamapps\common\VRChat\launch.exe () [File not signed]
FirewallRules: [TCP Query User{11F9593C-1625-4C08-B581-7088DC39C9AA}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{C3DF1A79-951C-4DC2-A8E2-B65F0082CB7C}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{8FAF17B1-78CC-4D89-8EBB-D9CFA076458B}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{55E199DE-CCEC-4588-80A6-B668E569F5FD}E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) E:\hry\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{9F9F1179-26C7-47F8-8144-E72ECF52E1C4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{5A9F8DF5-3C82-48DB-94E3-C5892CD675A3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [TCP Query User{36FC7988-02DF-4B1A-8004-9E58126B1BF0}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{1AE7DD89-F5AF-42F4-9261-2407562E1C4E}C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\petrs\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{B5FAA428-A6A5-457E-B7D3-91CD6A7421B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4EA6C1E4-3D86-4C5F-8826-960E94001B64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4E5A36F7-DB24-48EF-974E-786496C25D2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B3708D0F-88E0-4A06-9A4E-C34B7AA77CC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C028B2F-6CA0-43FC-90A1-B077890DB941}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [{14EB1F0D-D709-447F-AFEA-3DFB9DE8C7D8}] => (Allow) E:\Hry\steamapps\common\Poppy Playtime - Multiplayer\Playtime_Multiplayer.exe (EasyAntiCheat Oy -> Epic Games, Inc.)
FirewallRules: [TCP Query User{39099541-348F-4A81-AB48-E6463C8595CB}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{170B4B36-F066-464E-A87B-77152AAD1D65}E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe] => (Allow) E:\hry\steamapps\common\poppy playtime - multiplayer\playtime_multiplayer\binaries\win64\playtime_multiplayer-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5BDB27A2-3FBF-4A89-B5A0-FB719085ED1F}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{576BF63F-5185-46B9-A64F-8ED0A8058634}] => (Allow) E:\Hry\steamapps\common\AreYouReadyForValveIndex\compatapp.exe (Valve -> )
FirewallRules: [{37FF988B-AEAD-4FF7-AAA3-4F80109B6265}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{03C1901D-BC4E-4A29-BD3C-3B49F071F705}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{01913BD6-F5FD-473D-8472-00ED116DF64E}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E8DD902F-C4E2-4213-A417-F3FB61BF1E6C}] => (Allow) E:\Hry\steamapps\common\Palworld\Palworld.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B7D17A44-A388-4C87-94F0-BAA02D25495F}] => (Allow) C:\Program Files\LogiOptionsPlus\logioptionsplus_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{6BF4BB4A-2728-458F-9511-BAE85BA9A629}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D466CB32-501C-4F87-BE9E-3398D44603C7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4BDA6956-6C89-4C22-8350-407A1599E75A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF4B2994-DE1F-4A50-981D-B5B5A32A95F1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D14BAB15-B22D-44B4-B783-7F3951C93A2A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C3FA3B-6D44-45D2-8AF9-53191D30FDAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3E0AF9CC-6371-40B2-B876-A998C8695B43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EFC12E27-E3AC-4443-8130-4825CDFA0B9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BEFFD99-5131-4B8B-A405-E679477FDCE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BBAA3A03-4AF7-4DA0-9200-15CE44886608}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{133A1A31-1ADB-4008-B414-E8ACE8990D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{755FD29A-3361-45E5-BF66-C0805414D15A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B372E5DD-3D78-49F0-A5BB-4567C6282AF9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2E0D6DD9-20B5-460F-9D52-1DE6382C9C15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943667F-B38C-46D9-B807-9973C1B63E1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
20-03-2024 18:38:26 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:40 Windows Update
25-03-2024 18:25:41 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (03/27/2024 03:10:23 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
System errors:
=============
Error: (03/26/2024 11:04:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (03/26/2024 11:04:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MV0B5HZVK9Z-Microsoft.GamingApp.
Error: (03/25/2024 06:26:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic.
Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GameInput Service byla neočekávaně ukončena. Tento stav nastal již 6krát.
Error: (03/25/2024 06:10:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 5 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/25/2024 06:10:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:10:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 4 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2024-03-27 11:49:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {065A7352-698C-42A3-B0D6-0EB3AA01C6A8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-26 11:04:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05952EFA-7104-4861-9F9A-ED72BFCC57E6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-19 14:42:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {967023EF-3810-4877-8EF7-3378CD26B578}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-18 09:22:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3B22F4A7-74BB-4F2D-B5A0-388E15E0B88D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-03-17 14:40:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8F131DA7-2EBB-4FDF-BE68-C8309F699900}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-22 09:27:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2024-03-27 15:10:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2024-03-27 15:09:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-03-27 15:09:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2024-02-18 16:15:37
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.
Date: 2023-12-04 18:08:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.I0 03/01/2023
Motherboard: Micro-Star International Co., Ltd. MPG X570 GAMING PRO CARBON WIFI (MS-7B93)
Processor: AMD Ryzen 9 3900X 12-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 16303.47 MB
Available physical RAM: 10054.13 MB
Total Virtual: 26543.47 MB
Available Virtual: 18137.3 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.79 GB) (Free:691.53 GB) (Model: Samsung SSD 990 PRO 1TB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863 GB) (Free:1102.47 GB) (Model: HGST HUS722T2TALA604) NTFS
Drive e: (Místní disk E) (Fixed) (Total:465.65 GB) (Free:221.43 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
\\?\Volume{e26e90c5-7abc-48fe-a1d0-cdb7280b4b78}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{aed9f27e-b2dc-40a4-a67e-a9c26c3a08fc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 1F09C536)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
