
Requesting a check.

Having a virus problem? Post your FRST or RSIT log here.

zdenek72
Warning level 3
Posts: 103
Registered: 09 Feb 2010 15:18
Location: Plzen, Czech Republic

#1 Post by zdenek72 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by PC (administrator) on DESKTOP-G2RHETR (FUJITSU FUTRO S720) (26-11-2023 08:59:15)
Running from C:\Users\PC\Desktop\Čištění\FRST64.exe
Loaded Profiles: PC
Platform: Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(C:\Users\PC\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\104.0.4944.72\opera_crashreporter.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\PC\AppData\Roaming\Telegram Desktop\Telegram.exe
(Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\opera.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2023-06-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2022-06-27] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\PC\AppData\Local\Programs\signal-desktop\Signal.exe [163621088 2023-08-09] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\RunOnce: [Application Restart #0] => C:\Users\PC\AppData\Roaming\Seznam Browser\Seznam.cz.exe [2056984 2023-05-29] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {1996eb4a-0d3f-11ec-9590-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bace-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bad4-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7e89-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7ea0-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {6f591446-b673-11ec-95ed-901b0e374bd5} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef503-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef626-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {9df471eb-7a6b-11eb-954b-901b0e374bd5} - "D:\iStudio.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f695c-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f6b09-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {d42f75a1-8f0f-11ec-95dd-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b0-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b7-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [653312 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-10-16] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\Windows\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\Windows\system32\novamn8.dll [18944 2016-01-21] (Softland) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {86F63ADC-1546-4666-9F57-4E9661787ABE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {96501B01-A046-468A-8839-53B7B5C4C5A8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FE71F3F5-EE29-4A2F-9DAD-37BC7114B49C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "36e2f520-6e28-4164-bc81-d544937b9fcd" --version "6.17.10746" --silent
Task: {EAF100A0-7731-435A-990A-CD0626D39468} - System32\Tasks\CCleanerSkipUAC - PC => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DC2DB477-C2B7-4CE3-B52D-1562B2851BD9} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [8946688 2023-06-09] (IObit) [File not signed]
Task: {A91E4C37-25F1-421C-BBB3-323088A96B54} - System32\Tasks\GoogleUpdateTaskMachineCore{9CFE5E76-E6AE-40D1-8A7A-784651BFAC92} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (No File)
Task: {3EB50B9C-E5D8-414B-9FB9-61B826A54942} - System32\Tasks\GoogleUpdateTaskMachineUA{89C6BD60-727E-474D-80CC-35FBDE5236CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (No File)
Task: {5953D771-9B76-474E-ACD2-D26762B74612} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {1FEA6315-2FB9-40A6-9292-8E89F876E25A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91EE52D1-9A59-4310-A96B-ECB8F4E2DA88} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {362800B7-681D-4599-8C1E-32E734A82CF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8FAA633-2AF0-446C-A248-6A15BB251A6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22766B32-2C3B-49A0-BD82-D0BD0652B2B7} - System32\Tasks\Opera scheduled assistant Autoupdate 1613583720 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [1843104 2023-11-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {4162E6DF-2904-4E2B-9C33-0FA55C3661E6} - System32\Tasks\Opera scheduled Autoupdate 1613583704 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [1843104 2023-11-21] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0e04e0a3-424f-4fec-a6c7-0774336f3786}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{30f48f5f-a2bd-4777-a542-86bb31410168}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4af17e37-397a-41b5-8ee7-eb9be6157581}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{6592cec7-bc42-4e27-b1c1-22cfe3ab8561}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6bb8ebdc-f641-4340-af09-dec529fa4627}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7b6b5667-de2e-4433-9fed-53fdf8d1d189}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9454fa13-ca21-4e04-bcde-07e21fce4c6d}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{9b6bd4ce-d30c-498b-9bc7-082dbe85f0ae}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f8b15ad9-6c6f-4e20-b4d4-400f47b0d094}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-23]
Edge HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-10-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2023-11-26]
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-03]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-03]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2023-04-21]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-03]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-03]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 Fuj02e3DriverUtilityService; C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f5cabf7373a6ef85\fuj02e3-utility.exe [168104 2023-06-14] (FUJITSU CLIENT COMPUTING LIMITED -> Fujitsu Client Computing Limited)
S3 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [153088 2021-08-10] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 fuj02e3; C:\Windows\System32\DriverStore\FileRepository\fuj02e3.inf_amd64_f5cabf7373a6ef85\fuj02e3.sys [50344 2023-06-14] (FUJITSU CLIENT COMPUTING LIMITED -> Fujitsu Client Computing Limited)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2021-04-15] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [12183512 2023-06-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2022-02-14] (NGO -> MBB)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-23 05:31 - 2023-11-26 08:48 - 000003556 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1613583704
2023-11-23 05:31 - 2023-11-23 05:31 - 000001378 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-11-20 06:39 - 2023-11-20 06:39 - 000000085 _____ C:\Users\PC\Downloads\BingSiteAuth.xml
2023-11-17 09:55 - 2023-11-17 09:55 - 000000000 ____D C:\ProgramData\Piriform
2023-11-05 05:33 - 2023-11-11 16:54 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-11-05 05:33 - 2023-11-11 16:48 - 000003108 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-11-05 05:33 - 2023-11-05 05:33 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-11-03 10:58 - 2023-11-17 09:31 - 000000000 ___RD C:\Users\PC\Desktop\Aleš web

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-26 09:00 - 2023-03-03 08:53 - 000000000 ____D C:\FRST
2023-11-26 09:00 - 2022-06-27 03:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2023-11-26 08:59 - 2021-02-19 07:29 - 000000000 ___RD C:\Users\PC\Desktop\Čištění
2023-11-26 08:57 - 2022-02-05 09:51 - 000001395 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-11-26 08:48 - 2022-12-20 12:04 - 000002308 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PC
2023-11-26 08:46 - 2022-12-20 12:04 - 000000000 ____D C:\Program Files\CCleaner
2023-11-26 08:45 - 2021-02-17 22:42 - 000000000 ____D C:\Users\PC\Documents\film
2023-11-26 08:42 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-11-26 08:10 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-26 01:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-11-25 14:59 - 2021-02-12 12:32 - 000000000 ____D C:\Windows\system32\AMD
2023-11-25 07:56 - 2021-03-12 10:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2023-11-22 05:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-21 16:06 - 2023-01-04 08:55 - 000000000 ____D C:\Users\PC\AppData\LocalLow\EBWebView
2023-11-21 07:12 - 2022-02-04 09:40 - 000000000 ____D C:\Users\PC\AppData\Roaming\Telegram Desktop
2023-11-19 20:26 - 2021-02-17 18:28 - 000000000 ____D C:\Users\PC\Desktop\Torrent
2023-11-18 11:33 - 2020-11-19 00:55 - 001605666 _____ C:\Windows\system32\PerfStringBackup.INI
2023-11-18 11:33 - 2019-12-07 15:43 - 000682192 _____ C:\Windows\system32\perfh005.dat
2023-11-18 11:33 - 2019-12-07 15:43 - 000137008 _____ C:\Windows\system32\perfc005.dat
2023-11-18 11:33 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-11-18 11:27 - 2021-08-10 05:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-18 11:27 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-11-18 09:05 - 2021-02-12 12:32 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-11-18 09:05 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-11-18 06:23 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-17 09:55 - 2023-06-14 09:13 - 000002786 _____ C:\Windows\system32\Tasks\Driver Booster SkipUAC (PC)
2023-11-16 12:50 - 2023-05-29 16:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\Seznam Browser
2023-11-15 11:11 - 2021-02-17 16:44 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2023-11-15 11:11 - 2021-02-12 12:28 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2023-11-14 21:27 - 2021-02-19 09:17 - 000000000 ____D C:\Windows\system32\MRT
2023-11-14 21:20 - 2021-02-19 09:17 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-13 06:05 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-11-11 16:49 - 2022-04-26 22:51 - 000003402 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-11 16:49 - 2020-11-19 00:48 - 000003626 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-07 11:52 - 2020-11-19 00:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-10-27 09:18 - 2021-09-04 09:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2021-08-03 04:42 - 2021-08-03 04:58 - 000031563 _____ () C:\Users\PC\AppData\Local\PlariumPlay.log
2021-04-02 13:11 - 2021-05-07 01:32 - 000007597 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2022-03-19 05:13 - 2022-03-19 05:13 - 003212320 _____ () C:\Users\PC\AppData\Local\usbdrvtemp.7zz

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by PC (26-11-2023 09:03:14)
Running from C:\Users\PC\Desktop\Čištění
Microsoft Windows 10 Pro Version 21H2 19044.3086 (X64) (2021-02-12 10:19:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2253703465-1662604871-2040846708-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2253703465-1662604871-2040846708-503 - Limited - Disabled)
Guest (S-1-5-21-2253703465-1662604871-2040846708-501 - Limited - Disabled)
PC (S-1-5-21-2253703465-1662604871-2040846708-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-2253703465-1662604871-2040846708-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
AdmWin 3.12 (HKLM-x32\...\AdmWin_is1) (Version: - AdmWin)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 22.003.20263 - Adobe Systems Incorporated)
Bandizip (HKLM\...\Bandizip) (Version: 7.29 - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
FastStone Image Viewer 7.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.6 - FastStone Corporation)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HP DeskJet 2130 series Nápověda (HKLM-x32\...\{C8CCFDF2-9CB2-4714-BCE5-17178CB71646}) (Version: 35.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IObit Driver Booster 10.5.0.139 (HKLM-x32\...\IObit Driver Booster_is1) (Version: 10.5.0.139 - LR)
LibreOffice 7.3.0.3 (HKLM\...\{8113FFA7-4CB7-4855-A319-1DB2A7FB9733}) (Version: 7.3.0.3 - The Document Foundation)
MediaHuman YouTube Downloader v3.9.9.77 (HKLM\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.77 - MediaHuman (RePack by Dodakaedr))
Microsoft .NET Core Host - 3.1.23 (x64) (HKLM\...\{9C7A4D28-C2E1-4CA7-A1F3-603049ED2937}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.23 (x64) (HKLM\...\{7FF9BE57-3115-4282-BC9A-7FAB77C27235}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.23 (x64) (HKLM\...\{81EDF4A0-FC57-48C3-B26A-E90C2DC266CE}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.3 (x64) (HKLM\...\{9ED2B6EE-5450-4B01-B051-B6D5DCE7C443}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.3 (x64) (HKLM\...\{A2AE3C2D-C169-4F27-81D8-AD5641945F48}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.3 (x64) (HKLM\...\{440E6A1A-3902-4A8E-90B7-6FAA6A5E78C5}) (Version: 48.15.37625 - Microsoft Corporation) Hidden
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.72 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM\...\{4456FDE5-AAE9-4E03-9B34-0D9A476CEF5A}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM-x32\...\{d2f91fed-8a18-4071-b8d3-22606fa9a9f6}) (Version: 3.1.23.31022 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.3 (x64) (HKLM\...\{9F3D8C21-B2A9-4E7D-A6AA-50B34EFFA1E0}) (Version: 48.15.37635 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.3 (x64) (HKLM-x32\...\{7bde23ed-68e7-4655-8b90-91aa681a31da}) (Version: 6.0.3.31024 - Microsoft Corporation)
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
Opera Stable 104.0.4944.72 (HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Opera 104.0.4944.72) (Version: 104.0.4944.72 - Opera Software)
PROFIT 2021.02 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\Seznam Browser) (Version: 6.23.0 - Seznam.cz a.s.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Signal 6.28.0 (HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.28.0 - Signal Messenger, LLC)
Telegram Desktop (HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.7 - Telegram FZ-LLC)
TP-Link TL-WN725N Driver (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 2.1.0 - TP-Link)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VS Revo Group (HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\{1F44C2C3-CECF-B184-84E9-449538C5D6E9}) (Version: v.4.3.3 - libbi)
Základní software zařízení HP DeskJet 2130 series (HKLM\...\{E1665677-E241-44A0-9152-CAE8059260CC}) (Version: 40.11.1124.17107 - HP Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-10] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-10] (Microsoft Corporation)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21027.539.0_x64__8wekyb3d8bbwe [2023-11-15] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-15] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2253703465-1662604871-2040846708-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> C:\Program Files\Bandizip\bdzshl.x64.dll (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers1: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers2: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2022-11-21] (Bandisoft -> Bandisoft International Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers1_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers2_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers4_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers5_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => C:\Program Files\Bandizip\bdzshl.x64.dll [2022-11-21] (Bandisoft -> Bandisoft International Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2016-01-21 16:59 - 2016-01-21 16:59 - 000018944 _____ (Softland) [File not signed] C:\Windows\System32\novamn8.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.cmd: => <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-10-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-08-31 20:06 - 2022-12-16 11:54 - 000000645 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 lm.licenses.adobe.com
0.0.0.0 lmlicenses.wip4.adobe.com
0.0.0.0 lm-prd-da1.licenses.adobe.com
0.0.0.0 activate.adobe.com
0.0.0.0 activate.wip4.adobe.com
0.0.0.0 practivate.adobe.com
0.0.0.0 practivate-da1.adobe.com
0.0.0.0 na1r.services.adobe.com
0.0.0.0 hlrcv.stage.adobe.com
0.0.0.0 uds.licenses.adobe.com
0.0.0.0 licenses.adobe.com
0.0.0.0 license.adobe.com
0.0.0.0 helpexamples.com
0.0.0.0 activate-sea.adobe.com
0.0.0.0 activate-sjc0.adobe.com
0.0.0.0 ereg.adobe.com
0.0.0.0 activate.wip3.adobe.com
0.0.0.0 wip3.adobe.com
0.0.0.0 ereg.wip3.adobe.com
0.0.0.0 wwis-dubc1-vip60.adobe.com

2021-03-18 16:54 - 2021-03-18 16:58 - 000000445 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\StartupFolder: => "Telegram.lnk"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_E71417B8001168D10E406277AE4A1137"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "electron.app.Fing"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "Application Restart #0"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\StartupApproved\Run: => "org.whispersystems.signal-desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6D29CCB6-BE7B-4DE4-AB17-1A7EAFD29CB2}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AAFDF72C-88E9-43AC-9CB6-697AF53CA8FD}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{958E1C17-8104-4483-8A5C-C7F833246307}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{7EAF9432-A0A0-457F-833E-7D447BF9DC36}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F8E22406-EBEA-4B42-8C6E-CAF5D14A7741}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{C7ADD0C1-8AD3-4707-9C1A-15805FCB17D8}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{32FBA9C5-975D-42BB-B455-A04F2A1AAA93}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{2A1E9EF4-03E2-469D-901A-5E948FD4C447}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{2BD1F1FF-B8A3-4D11-91D8-7AB02087AB7F}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{D80BD8E1-BA84-4AFE-A5A0-3D0069650206}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{2D2A664D-54D1-4C40-A32C-B9C8B0744D23}] => (Allow) LPort=8501
FirewallRules: [{F49F68E2-0410-4565-9E04-7BBC6F11AEFD}] => (Allow) LPort=8501
FirewallRules: [TCP Query User{4E585E1C-3A0B-41A6-8746-23E7003558F3}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A23ED898-6C2F-4846-AED0-68EF2661B589}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{B91ACFF1-2140-4D7F-82A8-890FF2516E2F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2B06AC90-7405-43D8-ADAC-AA2A705B8108}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2C0DAE33-5214-47A9-824C-D5C713596CED}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2DD81983-08EE-47E2-8CDD-099A2738A7F8}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{4CBFF3A3-BCC3-4F03-A035-94F0A9ED4CBF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{39D6D435-4949-4451-B983-2AA8D72DDBE3}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{CB1FDA56-A536-440D-9A2A-C4FFFFFF024C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{DE29559B-CDFE-4AAD-AF46-E7AD364344FE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/26/2023 09:00:04 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny zprostředkovatele stínové kopie {b5946137-7b9f-4925-af80-51abd60b20d5} došlo k chybě. Podrobnosti rutiny Cannot ask provider {b5946137-7b9f-4925-af80-51abd60b20d5} if volume is supported. [0x8000ffff] [hr = 0x8000ffff, Katastrofální selhání
].


Operace:
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
Kontext spuštění: Coordinator
ID zprostředkovatele: {00000000-0000-0000-0000-000000000000}
Název svazku: \\?\Volume{9ae8f24a-0000-0000-0000-300300000000}\
Kontext spuštění: Coordinator

Error: (11/26/2023 08:57:34 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny zprostředkovatele stínové kopie {b5946137-7b9f-4925-af80-51abd60b20d5} došlo k chybě. Podrobnosti rutiny Cannot ask provider {b5946137-7b9f-4925-af80-51abd60b20d5} if volume is supported. [0x8000ffff] [hr = 0x8000ffff, Katastrofální selhání
].


Operace:
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
Kontext spuštění: Coordinator
ID zprostředkovatele: {00000000-0000-0000-0000-000000000000}
Název svazku: \\?\Volume{9ae8f24a-0000-0000-0000-300300000000}\
Kontext spuštění: Coordinator

Error: (11/26/2023 08:46:59 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-2253703465-1662604871-2040846708-1001}/>.

Error: (11/26/2023 03:07:19 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Produkt: Update for Windows 10 for x64-based Systems (KB5001716) - A later version of Update for Windows 10 for x64-based Systems (KB5001716) is already installed. Setup will now exit.

Error: (11/26/2023 01:47:30 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovení nebylo možné vytvořit. Další informace: (0x8004230f).

Error: (11/26/2023 01:47:30 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x8004230f).

Error: (11/26/2023 01:47:25 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny zprostředkovatele stínové kopie {b5946137-7b9f-4925-af80-51abd60b20d5} došlo k chybě. Podrobnosti rutiny IVssSnapshotProvider::IsVolumeSupported() failed with 0x8000ffff [hr = 0x8000ffff, Katastrofální selhání
].


Operace:
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{9ae8f24a-0000-0000-0000-300300000000}\
Kontext spuštění: Coordinator

Error: (11/26/2023 01:47:01 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny zprostředkovatele stínové kopie {b5946137-7b9f-4925-af80-51abd60b20d5} došlo k chybě. Podrobnosti rutiny IVssSnapshotProvider::IsVolumeSupported() failed with 0x8000ffff [hr = 0x8000ffff, Katastrofální selhání
].


Operace:
Zkontrolovat, zda poskytovatel podporuje svazek
Přidat svazek k sadě stínových kopií

Kontext:
Kontext spuštění: Coordinator
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
Název svazku: \\?\Volume{9ae8f24a-0000-0000-0000-300300000000}\
Kontext spuštění: Coordinator


System errors:
=============
Error: (11/26/2023 03:07:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/24/2023 08:35:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/23/2023 01:46:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/22/2023 07:24:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/21/2023 12:31:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/19/2023 05:39:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/18/2023 11:30:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).

Error: (11/17/2023 04:42:39 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2023-05 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5001716).


Windows Defender:
================
Date: 2023-11-24 13:27:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CDC0A1C6-D0DD-48EB-BD1B-728EEF1CBB82}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-23 13:27:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A1F49CFD-0AEA-40E5-A872-1351DAAA2B40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-23 05:46:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5703E9A1-F007-4377-BA93-9F77283568E1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-21 13:23:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F94026E1-CA74-4D10-8FF1-4B694904A41E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-11-20 12:41:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F1F85680-D80A-46E0-8FBC-34CB635B0CD8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-06-26 05:58:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.2598.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-06-23 14:13:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.2263.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2022-12-12 04:43:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-12-16 11:45:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Users\PC\AppData\Local\Programs\Opera\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-25 06:28:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: FUJITSU // American Megatrends Inc. V4.6.5.4 R1.8.0 for D3313-B1x 04/30/2014
Motherboard: FUJITSU D3313-B1
Processor: AMD GX-217GA SOC with Radeon(tm) HD Graphics
Percentage of memory in use: 52%
Total physical RAM: 7862.6 MB
Available physical RAM: 3718.02 MB
Total Virtual: 9078.6 MB
Available Virtual: 4437.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:27.85 GB) (Model: REPASY.E U-128GB SATA Disk Device) NTFS
Drive f: (KINGSTON) (Removable) (Total:28.87 GB) (Free:28.75 GB) NTFS

\\?\Volume{9ae8f24a-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{9ae8f24a-0000-0000-0000-20b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 9AE8F24A)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 28.9 GB) (Disk ID: 054DB5B7)
Partition 1: (Active) - (Size=28.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118292
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: Requesting a check.

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {1996eb4a-0d3f-11ec-9590-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bace-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bad4-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7e89-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7ea0-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {6f591446-b673-11ec-95ed-901b0e374bd5} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef503-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef626-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {9df471eb-7a6b-11eb-954b-901b0e374bd5} - "D:\iStudio.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f695c-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f6b09-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {d42f75a1-8f0f-11ec-95dd-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b0-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b7-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
ask: {A91E4C37-25F1-421C-BBB3-323088A96B54} - System32\Tasks\GoogleUpdateTaskMachineCore{9CFE5E76-E6AE-40D1-8A7A-784651BFAC92} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (No File)
Task: {3EB50B9C-E5D8-414B-9FB9-61B826A54942} - System32\Tasks\GoogleUpdateTaskMachineUA{89C6BD60-727E-474D-80CC-35FBDE5236CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (No File)
ContextMenuHandlers1: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers2: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers1_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers2_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers4_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.cmd: => <==== ATTENTION

EmptyTemp:
Hosts:
End
Save it to C:\Users\PC\Desktop\Čištění as fixlist.txt. Run FRST again and click >Fix<. When the operation finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

zdenek72
Warning Level 3
Posts: 103
Registered: 09 Feb 2010 15:18
Location: Plzen, Czech Republic
Contact user:

Re: Requesting a check.

#3 Post by zdenek72 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by PC (26-11-2023 12:02:27) Run:1
Running from C:\Users\PC\Desktop\Čištění
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {1996eb4a-0d3f-11ec-9590-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bace-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {25c6bad4-9fb4-11ed-961d-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7e89-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {49fa7ea0-ea6f-11ec-95ff-901b0e374bd5} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {6f591446-b673-11ec-95ed-901b0e374bd5} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef503-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {7c9ef626-4628-11ec-95bf-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {9df471eb-7a6b-11eb-954b-901b0e374bd5} - "D:\iStudio.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f695c-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {b56f6b09-9fba-11ed-961f-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {d42f75a1-8f0f-11ec-95dd-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b0-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\...\MountPoints2: {dc2139b7-4e04-11ee-9677-901b0e374bd5} - "D:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
ask: {A91E4C37-25F1-421C-BBB3-323088A96B54} - System32\Tasks\GoogleUpdateTaskMachineCore{9CFE5E76-E6AE-40D1-8A7A-784651BFAC92} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (No File)
Task: {3EB50B9C-E5D8-414B-9FB9-61B826A54942} - System32\Tasks\GoogleUpdateTaskMachineUA{89C6BD60-727E-474D-80CC-35FBDE5236CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (No File)
ContextMenuHandlers1: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers2: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers3: [Advanced SystemCare] -> [CC]{2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> [CC]{A6595CD1-BF77-430A-A452-18696685F7C7} => -> No File
ContextMenuHandlers1_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers2_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
ContextMenuHandlers4_S-1-5-21-2253703465-1662604871-2040846708-1001: [AABdzCtx] -> [CC]{5B69A6B4-393B-459C-8EBB-214237A9E7AC} => -> No File
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.cmd: => <==== ATTENTION

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1996eb4a-0d3f-11ec-9590-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25c6bace-9fb4-11ed-961d-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25c6bad4-9fb4-11ed-961d-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49fa7e89-ea6f-11ec-95ff-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49fa7ea0-ea6f-11ec-95ff-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f591446-b673-11ec-95ed-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c9ef503-4628-11ec-95bf-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c9ef626-4628-11ec-95bf-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9df471eb-7a6b-11eb-954b-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b56f695c-9fba-11ed-961f-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b56f6b09-9fba-11ed-961f-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d42f75a1-8f0f-11ec-95dd-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc2139b0-4e04-11ee-9677-901b0e374bd5} => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc2139b7-4e04-11ee-9677-901b0e374bd5} => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
ask: {A91E4C37-25F1-421C-BBB3-323088A96B54} - System32\Tasks\GoogleUpdateTaskMachineCore{9CFE5E76-E6AE-40D1-8A7A-784651BFAC92} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EB50B9C-E5D8-414B-9FB9-61B826A54942}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EB50B9C-E5D8-414B-9FB9-61B826A54942}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{89C6BD60-727E-474D-80CC-35FBDE5236CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{89C6BD60-727E-474D-80CC-35FBDE5236CC}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Advanced SystemCare => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Adobe.Acrobat.ContextMenu => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AABdzCtx => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-2253703465-1662604871-2040846708-1001\Software\Classes\.cmd => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13743457 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 12790 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 11084470 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1172 B
PC => 137043792 B

RecycleBin => 466724 B
EmptyTemp: => 154.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:04:30 ====

Rudy
Site Admin
Posts: 118292
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: Please check.

#4 Post by Rudy »

Deleted. It was only unnecessary leftovers.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

zdenek72
Warning level 3
Posts: 103
Registered: 09 Feb 2010 15:18
Location: Plzen, Czech Republic
Contact user:

Re: Please check.

#5 Post by zdenek72 »

Thanks a lot :thumbsup:

Rudy
Site Admin
Posts: 118292
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: Please check.

#6 Post by Rudy »

You're welcome! :)

Locked