Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Vyskakovací okno.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
oplis
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 27 zář 2009 15:22

Vyskakovací okno.

#1 Příspěvek od oplis »

Ahoj.
Neustále mi vyskakuje okno se zprávou Autolt Error Viz foto
Obrázek
Takže předpokládám, že jde o virus.
Prosím tedy o kontrolu Logu. Děkuji.
Přílohy
Bez názvu.png
Bez názvu.png (19.98 KiB) Zobrazeno 498 x
Nahoru
oplis
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 27 zář 2009 15:22

Re: Vyskakovací okno.

#2 Příspěvek od oplis »

FRST.rar
(35.05 KiB) Staženo 25 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyskakovací okno.

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [738936 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6984632 2023-04-06] (IObit CO., LTD -> IObit)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {14f1e8ee-5c1c-11eb-8fce-74c63b168c13} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {28f865b6-63fe-11eb-8fe6-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {322877ca-0952-11ec-9073-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {5a01f2f7-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {5a01f373-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {600e5831-8e4c-11eb-9021-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {6382d0e6-8cdc-11eb-9020-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {72fdec61-8676-11ec-90e2-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {75392adf-6949-11eb-8fec-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {992393a3-0035-11ec-906d-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {e9dc555d-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {e9dc558b-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\Policies\Explorer: []
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\MountPoints2: {e9dc555d-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\MountPoints2: {e9dc558b-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\...\MountPoints2: {72fdec61-8676-11ec-90e2-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\MountPoints2: {5a01f2f7-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\MountPoints2: {5a01f373-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-18\...\Run: [Advanced SystemCare] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {0845149B-5E5B-4F3C-8C90-090C9F7E17E9} - System32\Tasks\ShECp\Dq6f => C:\Users\marti\AppData\Roaming\94559E5F2EA8AE74\srvrast.exe [947288 2023-05-27] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\marti\AppData\Roaming\94559E5F2EA8AE74\srvrast.chm" <==== ATTENTION
Task: {45FC8B0B-4360-442A-9D06-66C396E0C173} - System32\Tasks\IMF_SkipUAC_lucia => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6984632 2023-04-06] (IObit CO., LTD -> IObit)
Task: {563EEDE8-5B45-4463-A329-62012DD972DB} - System32\Tasks\Software Updater SkipUAC(lucia) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {58BF1643-65BD-4DFC-B9B7-16E367D53FFE} - System32\Tasks\jixvpusabk => C:\Users\marti\AppData\Roaming\jixvpusabk\svcupdater.exe [2258432 2022-11-11] () [File not signed] <==== ATTENTION
Task: {5AEA67C6-C22C-4938-A9D2-C8626E62611E} - System32\Tasks\Software Updater SkipUAC(zuzan) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {9268D27D-FEF5-4570-91DA-0A100EAA7181} - System32\Tasks\Software Updater SkipUAC(Administrator) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {CF9482C6-1BE3-4677-91EC-1BEB5C9F072B} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\marti\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {E6A0DE18-D9D8-48CD-B5B5-D43F52A4AEB4} - System32\Tasks\Software Updater SkipUAC(simon) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
S3 cpuz145; no ImagePath
S3 cpuz152; no ImagePath
R3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2022-10-24] (IObit Information Technology -> IObit)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [42360 2022-10-24] (IObit Information Technology -> IObit)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [40920 2022-10-24] (IObit CO., LTD -> IObit)
R3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2022-10-24] (IObit Information Technology -> IObit)
R3 IMFForceDelete123; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [20008 2022-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2022-10-24] (IObit Information Technology -> IObit)
R3 ImfObCallback; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfObCallback.sys [33984 2022-10-24] (IObit Information Technology -> IObit)
R3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRealScanner.sys [53232 2022-10-24] (IObit CO., LTD -> IObit)
R3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRegistryFilter.sys [42360 2022-10-24] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2023-01-13] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2023-01-13] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2023-01-13] (IObit Information Technology -> IObit)
U4 Sense; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\IObit
hellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [DriveFS 28 or later] -> [CC]{EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> [CC]{BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll -> No File
AlternateDataStreams: C:\ProgramData:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\ProgramData:err [1840]
AlternateDataStreams: C:\Users\All Users:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\Users\All Users:err [1840]
AlternateDataStreams: C:\ProgramData\Data aplikací:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1840]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4700]
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2022-06-18] (IObit CO., LTD -> IObit)
FirewallRules: [{14B70805-D81A-43A0-AC07-C26BF47FBAD1}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\97.0.4719.26\opera.exe => No File
FirewallRules: [{53227906-96AD-4A9E-A88D-8B329AFC99D7}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\98.0.4759.6\opera.exe => No File
FirewallRules: [{C6967AE9-B974-42D7-B55E-C982870A2C3B}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\98.0.4759.6_0\opera.exe => No File
FirewallRules: [{0FE734DC-19F7-4C71-8441-7CE6FCA03BE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{15257344-F483-4E95-B1FC-85B601BD7D5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6B9D46DA-EE27-4C7E-B3DE-D6EEA499D6D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{0C97DAA9-107F-48A1-AD5C-37D401BF2A9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
Startup: C:\Users\marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar658.lnk [2023-01-19]
Startup: C:\Users\zuzan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar305.lnk [2022-06-28]

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
oplis
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 27 zář 2009 15:22

Re: Vyskakovací okno.

#4 Příspěvek od oplis »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by marti (01-06-2023 16:32:21) Run:1
Running from C:\Users\marti\Desktop
Loaded Profiles: marti & simon & lucia & zuzan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [738936 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6984632 2023-04-06] (IObit CO., LTD -> IObit)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {14f1e8ee-5c1c-11eb-8fce-74c63b168c13} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {28f865b6-63fe-11eb-8fe6-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {322877ca-0952-11ec-9073-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {5a01f2f7-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {5a01f373-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {600e5831-8e4c-11eb-9021-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {6382d0e6-8cdc-11eb-9020-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {72fdec61-8676-11ec-90e2-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {75392adf-6949-11eb-8fec-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {992393a3-0035-11ec-906d-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {e9dc555d-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\...\MountPoints2: {e9dc558b-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\Policies\Explorer: []
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\MountPoints2: {e9dc555d-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\...\MountPoints2: {e9dc558b-4416-11ec-9098-9c5c8e504f90} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\...\MountPoints2: {72fdec61-8676-11ec-90e2-74c63b168c12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\MountPoints2: {5a01f2f7-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\...\MountPoints2: {5a01f373-5e58-11eb-8fd7-74c63b168c12} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-18\...\Run: [Advanced SystemCare] => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto (No File)
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {0845149B-5E5B-4F3C-8C90-090C9F7E17E9} - System32\Tasks\ShECp\Dq6f => C:\Users\marti\AppData\Roaming\94559E5F2EA8AE74\srvrast.exe [947288 2023-05-27] (AutoIt Consulting Ltd -> AutoIt Team) -> "C:\Users\marti\AppData\Roaming\94559E5F2EA8AE74\srvrast.chm" <==== ATTENTION
Task: {45FC8B0B-4360-442A-9D06-66C396E0C173} - System32\Tasks\IMF_SkipUAC_lucia => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [6984632 2023-04-06] (IObit CO., LTD -> IObit)
Task: {563EEDE8-5B45-4463-A329-62012DD972DB} - System32\Tasks\Software Updater SkipUAC(lucia) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {58BF1643-65BD-4DFC-B9B7-16E367D53FFE} - System32\Tasks\jixvpusabk => C:\Users\marti\AppData\Roaming\jixvpusabk\svcupdater.exe [2258432 2022-11-11] () [File not signed] <==== ATTENTION
Task: {5AEA67C6-C22C-4938-A9D2-C8626E62611E} - System32\Tasks\Software Updater SkipUAC(zuzan) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {9268D27D-FEF5-4570-91DA-0A100EAA7181} - System32\Tasks\Software Updater SkipUAC(Administrator) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
Task: {CF9482C6-1BE3-4677-91EC-1BEB5C9F072B} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\marti\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {E6A0DE18-D9D8-48CD-B5B5-D43F52A4AEB4} - System32\Tasks\Software Updater SkipUAC(simon) => "C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe" /SkipUac (No File) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
S3 cpuz145; no ImagePath
S3 cpuz152; no ImagePath
R3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2022-10-24] (IObit Information Technology -> IObit)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [42360 2022-10-24] (IObit Information Technology -> IObit)
R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [40920 2022-10-24] (IObit CO., LTD -> IObit)
R3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2022-10-24] (IObit Information Technology -> IObit)
R3 IMFForceDelete123; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [20008 2022-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IObit)
R3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2022-10-24] (IObit Information Technology -> IObit)
R3 ImfObCallback; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfObCallback.sys [33984 2022-10-24] (IObit Information Technology -> IObit)
R3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRealScanner.sys [53232 2022-10-24] (IObit CO., LTD -> IObit)
R3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRegistryFilter.sys [42360 2022-10-24] (IObit Information Technology -> IObit)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2023-01-13] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2023-01-13] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2023-01-13] (IObit Information Technology -> IObit)
U4 Sense; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\IObit
hellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [DriveFS 28 or later] -> [CC]{EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [GDContextMenu] -> [CC]{BB02B294-8425-42E5-983F-41A1FA970CD6} => -> No File
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll -> No File
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2022-10-20] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll -> No File
AlternateDataStreams: C:\ProgramData:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\ProgramData:err [1840]
AlternateDataStreams: C:\Users\All Users:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\Users\All Users:err [1840]
AlternateDataStreams: C:\ProgramData\Data aplikací:3BBE1C506855CC24 [217]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1840]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4700]
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2022-06-18] (IObit CO., LTD -> IObit)
FirewallRules: [{14B70805-D81A-43A0-AC07-C26BF47FBAD1}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\97.0.4719.26\opera.exe => No File
FirewallRules: [{53227906-96AD-4A9E-A88D-8B329AFC99D7}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\98.0.4759.6\opera.exe => No File
FirewallRules: [{C6967AE9-B974-42D7-B55E-C982870A2C3B}] => (Allow) C:\Users\marti\AppData\Local\Programs\Opera\98.0.4759.6_0\opera.exe => No File
FirewallRules: [{0FE734DC-19F7-4C71-8441-7CE6FCA03BE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{15257344-F483-4E95-B1FC-85B601BD7D5F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6B9D46DA-EE27-4C7E-B3DE-D6EEA499D6D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{0C97DAA9-107F-48A1-AD5C-37D401BF2A9E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
Startup: C:\Users\marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar658.lnk [2023-01-19]
Startup: C:\Users\zuzan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar305.lnk [2022-06-28]

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\IObit Malware Fighter" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\MRT => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14f1e8ee-5c1c-11eb-8fce-74c63b168c13} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{28f865b6-63fe-11eb-8fe6-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{322877ca-0952-11ec-9073-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a01f2f7-5e58-11eb-8fd7-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a01f373-5e58-11eb-8fd7-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{600e5831-8e4c-11eb-9021-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6382d0e6-8cdc-11eb-9020-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72fdec61-8676-11ec-90e2-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75392adf-6949-11eb-8fec-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{992393a3-0035-11ec-906d-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9dc555d-4416-11ec-9098-9c5c8e504f90} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9dc558b-4416-11ec-9098-9c5c8e504f90} => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate" => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9dc555d-4416-11ec-9098-9c5c8e504f90} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e9dc558b-4416-11ec-9098-9c5c8e504f90} => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate" => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72fdec61-8676-11ec-90e2-74c63b168c12} => removed successfully
"HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate" => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a01f2f7-5e58-11eb-8fd7-74c63b168c12} => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a01f373-5e58-11eb-8fd7-74c63b168c12} => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleDriveFS" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare" => removed successfully
HKU\S-1-5-21-3669646493-3408483959-2653820563-1001\SOFTWARE\Policies\Google => removed successfully
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0845149B-5E5B-4F3C-8C90-090C9F7E17E9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0845149B-5E5B-4F3C-8C90-090C9F7E17E9}" => removed successfully
C:\Windows\System32\Tasks\ShECp\Dq6f => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShECp\Dq6f" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45FC8B0B-4360-442A-9D06-66C396E0C173}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45FC8B0B-4360-442A-9D06-66C396E0C173}" => removed successfully
C:\Windows\System32\Tasks\IMF_SkipUAC_lucia => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IMF_SkipUAC_lucia" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{563EEDE8-5B45-4463-A329-62012DD972DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{563EEDE8-5B45-4463-A329-62012DD972DB}" => removed successfully
C:\Windows\System32\Tasks\Software Updater SkipUAC(lucia) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(lucia)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58BF1643-65BD-4DFC-B9B7-16E367D53FFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58BF1643-65BD-4DFC-B9B7-16E367D53FFE}" => removed successfully
C:\Windows\System32\Tasks\jixvpusabk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\jixvpusabk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AEA67C6-C22C-4938-A9D2-C8626E62611E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AEA67C6-C22C-4938-A9D2-C8626E62611E}" => removed successfully
C:\Windows\System32\Tasks\Software Updater SkipUAC(zuzan) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(zuzan)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9268D27D-FEF5-4570-91DA-0A100EAA7181}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9268D27D-FEF5-4570-91DA-0A100EAA7181}" => removed successfully
C:\Windows\System32\Tasks\Software Updater SkipUAC(Administrator) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(Administrator)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF9482C6-1BE3-4677-91EC-1BEB5C9F072B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF9482C6-1BE3-4677-91EC-1BEB5C9F072B}" => removed successfully
C:\Windows\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6A0DE18-D9D8-48CD-B5B5-D43F52A4AEB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6A0DE18-D9D8-48CD-B5B5-D43F52A4AEB4}" => removed successfully
C:\Windows\System32\Tasks\Software Updater SkipUAC(simon) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Updater SkipUAC(simon)" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz145 => removed successfully
cpuz145 => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully
cpuz152 => service removed successfully
Imf8HpRegFilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\Imf8HpRegFilter => removed successfully
Imf8HpRegFilter => service removed successfully
IMFCameraProtect => Unable to stop service.
HKLM\System\CurrentControlSet\Services\IMFCameraProtect => removed successfully
IMFCameraProtect => service removed successfully
HKLM\System\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}\\UpperFilters IMFCameraProtect => value removed successfully
HKLM\System\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}\\UpperFilters IMFCameraProtect => value removed successfully
IMFDownProtect => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IMFDownProtect => removed successfully
IMFDownProtect => service removed successfully
IMFEFSFileControl => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IMFEFSFileControl => removed successfully
IMFEFSFileControl => service removed successfully
IMFForceDelete123 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IMFForceDelete123 => removed successfully
IMFForceDelete123 => service removed successfully
ImfHpFileFilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ImfHpFileFilter => removed successfully
ImfHpFileFilter => service removed successfully
ImfObCallback => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ImfObCallback => removed successfully
ImfObCallback => service removed successfully
ImfRealScanner => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\ImfRealScanner => removed successfully
ImfRealScanner => service removed successfully
ImfRegistryFilter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ImfRegistryFilter => removed successfully
ImfRegistryFilter => service removed successfully
IUFileFilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IUFileFilter => removed successfully
IUFileFilter => service removed successfully
IUProcessFilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IUProcessFilter => removed successfully
IUProcessFilter => service removed successfully
IURegistryFilter => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\IURegistryFilter => removed successfully
IURegistryFilter => service removed successfully
HKLM\System\CurrentControlSet\Services\Sense => removed successfully
Sense => service removed successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Program Files (x86)\IObit" folder move:

Could not move "C:\Program Files (x86)\IObit" => Scheduled to move on reboot.

hellIconOverlayIdentifiers: [ IMFSafeBox] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2022-10-24] (IObit Information Technology -> IObit) => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\GDContextMenu => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\CLSID\{0BB81440-5F42-4480-A5F7-770A6F439FC8} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUninstaller => removed successfully
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUninstaller => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUninstaller => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
C:\ProgramData => ":3BBE1C506855CC24" ADS removed successfully
C:\ProgramData => ":err" ADS removed successfully
"C:\Users\All Users" => ":3BBE1C506855CC24" ADS not found.
"C:\Users\All Users" => ":err" ADS not found.
"C:\ProgramData\Data aplikací" => ":3BBE1C506855CC24" ADS not found.
"C:\ProgramData\Data aplikací" => ":err" ADS not found.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14B70805-D81A-43A0-AC07-C26BF47FBAD1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53227906-96AD-4A9E-A88D-8B329AFC99D7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6967AE9-B974-42D7-B55E-C982870A2C3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0FE734DC-19F7-4C71-8441-7CE6FCA03BE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15257344-F483-4E95-B1FC-85B601BD7D5F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B9D46DA-EE27-4C7E-B3DE-D6EEA499D6D9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C97DAA9-107F-48A1-AD5C-37D401BF2A9E}" => removed successfully
C:\Users\marti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar658.lnk => moved successfully
C:\Users\zuzan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar305.lnk => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 111103431 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 431648287 B
Windows/system/drivers => 127165433 B
Edge => 0 B
Chrome => 512607234 B
Firefox => 0 B
Opera => 523227819 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11758 B
NetworkService => 11758 B
marti => 307718986 B
simon => 310096973 B
lucia => 1605330051 B
zuzan => 2009663004 B

RecycleBin => 104344517 B
EmptyTemp: => 5.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-06-2023 16:44:37)

C:\Program Files (x86)\IObit => Is moved successfully

==== End of Fixlog 16:44:37 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyskakovací okno.

#5 Příspěvek od Rudy »

OK. Okno už nevyskakuje?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
oplis
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 27 zář 2009 15:22

Re: Vyskakovací okno.

#6 Příspěvek od oplis »

Už nevyskakuje.
Je to vše?
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyskakovací okno.

#7 Příspěvek od Rudy »

To jsem rád. Z mé strany je to vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
oplis
Návštěvník
Návštěvník
Příspěvky: 14
Registrován: 27 zář 2009 15:22

Re: Vyskakovací okno.

#8 Příspěvek od oplis »

Krásná práce.
Děkuji moc a přeji hezký zbytek dne.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Vyskakovací okno.

#9 Příspěvek od Rudy »

Děkuji a rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“