
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Trojan?
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 251
- Registered: 07 Apr 2005 20:02
- Location: Hradec Králové
Trojan?
Hi, while I was searching for crosswords, Firefox started reporting a trojan it had found; could someone take a look at this for me? Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Tomáš (administrator) on DESKTOP-FFT066H (Dell Inc. Latitude E6220) (07-12-2024 12:15:13)
Running from C:\Users\Tomáš\Downloads\FRST64.exe
Loaded Profiles: Tomáš
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (OR KAHOL LTD -> ) C:\Users\Tomáš\Downloads\zipmate(2).exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <38>
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [Microsoft Edge Update] => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\MicrosoftEdgeUpdateCore.exe [268344 2024-11-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {975739FA-BE4F-4A7C-AD76-11E3AD80AAFE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4078EAE6-E7FF-4FF6-8B29-3D957D504D93} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "06b30e18-9de7-445f-950d-672383b2c1b8" --version "6.30.11385" --silent
Task: {B454A5D6-B7F3-4092-BDE7-5FDE29E1A92F} - System32\Tasks\CCleanerSkipUAC - Tomáš => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32CA82BE-D54B-4E18-BDDF-7B2244F51C9E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {F4D30E84-586F-40AA-9310-E86C6E0BD7F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B744C083-66A3-47C4-8AB2-B8B7DBF37929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54049AA5-456F-4662-8D42-09935018AC97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {423EAB22-DE87-4E86-832E-20423C3676D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {646FA8C0-0046-40F7-978E-8BC46EBF69BA} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B22E4E0F-D27D-4BE5-A609-3D1F73407CCD} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1E6FA04-4A80-4129-8196-E7CA319AC8CE} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3489919597-1578466563-2200197977-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3290231A-3AE5-49CC-9251-D2710FAE529A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{470464b2-08ff-4641-a4a2-551f9a886915}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-05]
FireFox:
========
FF DefaultProfile: srxn1ztw.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\srxn1ztw.default [2024-06-28]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\zi1lyum7.default-release [2024-12-07]
FF Notifications: Mozilla\Firefox\Profiles\zi1lyum7.default-release -> hxxps://cz10.herozerogame.com; hxxps://www.amateri.com; hxxps://ahfp61v57oduhz.enhanceprotocol.co.in; hxxps://9zez4u3h2kvr5h.enhanceprotocol.co.in
Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2024-07-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cz2.forgeofempires.com; hxxps://cz4.forgeofempires.com; hxxps://www.amateri.com; hxxps://www.kupi.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-04]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 12:15 - 2024-12-07 12:16 - 000013695 _____ C:\Users\Tomáš\Downloads\FRST.txt
2024-12-07 12:15 - 2024-12-07 12:15 - 000000000 ____D C:\FRST
2024-12-07 12:14 - 2024-12-07 12:14 - 002402304 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2024-12-07 12:07 - 2024-12-07 12:07 - 002473232 _____ () C:\Users\Tomáš\Downloads\zipmate(2).exe
2024-12-07 12:04 - 2024-12-07 12:04 - 002096640 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST.exe
2024-12-06 08:19 - 2024-12-06 10:39 - 000000000 ____D C:\Users\Tomáš\Desktop\2024 5.12. Pardubice Žluťák
2024-11-29 07:19 - 2024-11-30 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-17 07:57 - 2024-12-07 11:39 - 000000014 ____H C:\Users\Tomáš\Desktop\fssort.ini
2024-11-16 08:28 - 2024-11-16 08:28 - 000048011 _____ C:\Users\Tomáš\Downloads\Shrnutí objednávky-98766eb7-70c5-3e4e-b641-d833758afc6e.pdf
2024-11-15 15:30 - 2024-11-15 15:30 - 000082947 _____ C:\Users\Tomáš\Downloads\dark_crystal.zip
2024-11-15 15:26 - 2024-11-15 15:26 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate(1).exe
2024-11-15 14:33 - 2024-11-15 14:33 - 000000000 ___HD C:\$WinREAgent
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Program Files\WinRAR
2024-11-15 14:08 - 2024-11-15 14:08 - 004194776 _____ C:\Users\Tomáš\Downloads\winrar-x64-701cz.exe
2024-11-15 13:55 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\Documents\ZPS11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\Zoner
2024-11-15 13:53 - 2024-11-15 13:53 - 063819721 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zps11_cz_home.exe
2024-11-15 09:31 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CEF
2024-11-15 09:30 - 2024-11-15 09:31 - 079831160 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zpsx_cz.exe
2024-11-15 09:27 - 2024-11-15 09:27 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 11:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-07 11:26 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-07 08:22 - 2024-07-26 13:10 - 000000000 ____D C:\Program Files\CCleaner
2024-12-07 08:22 - 2024-06-28 07:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-07 08:22 - 2024-03-31 10:23 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-07 08:20 - 2024-03-31 10:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 08:20 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2024-12-06 08:16 - 2024-04-05 13:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-01 07:31 - 2024-03-31 10:23 - 001605606 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-01 07:31 - 2019-12-07 15:43 - 000683606 _____ C:\Windows\system32\perfh005.dat
2024-12-01 07:31 - 2019-12-07 15:43 - 000137386 _____ C:\Windows\system32\perfc005.dat
2024-12-01 07:31 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-01 07:27 - 2024-03-31 10:14 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 07:27 - 2024-03-31 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-30 20:01 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-30 20:00 - 2024-06-28 07:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-30 15:00 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-30 07:25 - 2024-06-28 07:12 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-29 17:07 - 2024-04-05 15:40 - 000000000 ____D C:\Program Files\RUXIM
2024-11-28 19:02 - 2024-04-04 16:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:18 - 000002381 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-28 16:46 - 2024-04-04 16:24 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0}
2024-11-28 16:46 - 2024-04-04 16:24 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC}
2024-11-28 14:53 - 2024-03-31 10:14 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-28 14:53 - 2024-03-31 10:14 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-16 08:22 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-11-15 18:48 - 2024-07-26 13:10 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-11-15 18:48 - 2024-03-31 10:14 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-15 18:47 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-15 15:03 - 2024-04-04 16:21 - 000000000 ____D C:\Users\Tomáš\AppData\Local\PlaceholderTileLogoFolder
2024-11-15 15:03 - 2024-03-31 10:19 - 000000000 ____D C:\ProgramData\Packages
2024-11-15 15:03 - 2024-03-31 10:18 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2024-11-15 14:43 - 2024-03-31 10:18 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-15 11:30 - 2024-04-05 12:17 - 000000000 ____D C:\Windows\system32\MRT
2024-11-15 11:27 - 2024-04-05 12:17 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-15 08:28 - 2024-07-26 13:10 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-11-15 08:28 - 2024-07-26 13:10 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Tomáš (07-12-2024 12:17:10)
Running from C:\Users\Tomáš\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2024-03-31 09:17:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3489919597-1578466563-2200197977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3489919597-1578466563-2200197977-503 - Limited - Disabled)
Guest (S-1-5-21-3489919597-1578466563-2200197977-501 - Limited - Disabled)
Tomáš (S-1-5-21-3489919597-1578466563-2200197977-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-3489919597-1578466563-2200197977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0.2 - Mozilla)
pltcli (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\pltcli) (Version: 1.0 - pltcli)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
ZipMatePro (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\ZipMatePro) (Version: 1.0 - ZipMatePro)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d8eef3a0245b73f9e174eadb491b4100) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d775f32a9426acd4bf4d1586e6134459) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\1572f198952fadc2b912362ece2a43fe) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\339754b122c6975b3f02e5f1b63aa960) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\71d1f384c28d341a1ed8c86007b72ac7) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\7631678bf8e2ee006e310974cbacc5db) (Version: 1.0 - Google\Chrome)
Packages:
=========
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\Desktop\HD-wallpaper-deicide-death-metal-metal-scars.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Centrino(R) Advanced-N 6205 -> NETwew01.sys
Ethernet: Intel(R) 82579LM Gigabit Network Connection -> e1i65x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B378EBB2-BDDD-4D11-8656-F59B17084A2B}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{572C0C0F-2E92-4192-AB63-045BAE373164}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CA0D8E74-9317-4AB5-BAE3-A82288B136F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F6E9C79-1536-4D0E-84E9-6DCDD0F4F5CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BFE859D3-6A77-495D-85DD-AE14E93F65C3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDC8B73A-D51E-4AAB-BC89-B47601C439CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0B0B697-9EF0-41DD-A598-A82DDE6433AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2CA360C-9BF1-407A-876A-DD7BFC29E1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEED1C68-3C1C-40A0-AF59-9301266D817E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A17DA12-2770-44E9-AC19-8CA61F87F5A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5033D075-BEF4-410C-A514-D35594DDA4B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BC91C82-A1F8-4947-9808-C32D959AA3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA1A7C62-C72B-4A35-99E3-F239408F0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11E20890-4A27-406C-8DCC-CF9B6BC46D17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40A091EC-B0F6-45C8-8026-D9414F785B1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B8F5904E-8136-47F0-B3A8-9E8B4543B5BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AA7831A8-C2AA-4226-8561-82E16C5C3CBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ED9DA6F4-96A1-4BFE-AC03-E56C8CC6E70A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6A6CE63-8462-4B8E-94FA-CEF91F04D862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B28761F-D0AD-4DBB-8CB6-FED7E7469377}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-11-2024 14:33:35 Instalační služba modulů systému Windows
30-11-2024 08:02:13 Naplánovaný kontrolní bod
30-11-2024 15:00:07 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič velkokapacitního paměťového zařízení
Description: Řadič velkokapacitního paměťového zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/30/2024 07:25:49 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:24:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (12/06/2024 08:53:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/06/2024 08:20:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (11/16/2024 08:22:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/16/2024 08:22:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (11/15/2024 02:34:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (11/15/2024 08:59:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Windows Defender:
================
Date: 2024-12-07 08:57:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79E2E025-6346-47A0-9B3D-A6E46B317BB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-06 08:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC816A28-5E68-469A-9811-A7CD8F81F9EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 08:51:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3698D32-2FDF-4171-824F-A4D4F2AC83CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 17:40:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E9A5A3AF-F013-46A6-98FE-B72AB3E302E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 14:47:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9164D885-E0DA-4A0D-9A37-7F2D04146AB2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8073.01 MB
Available physical RAM: 4939.75 MB
Total Virtual: 10377.01 MB
Available Virtual: 7187.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:174.82 GB) (Model: ADATA SU650) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-30c237000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D98AEFA)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=547 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Tomáš (administrator) on DESKTOP-FFT066H (Dell Inc. Latitude E6220) (07-12-2024 12:15:13)
Running from C:\Users\Tomáš\Downloads\FRST64.exe
Loaded Profiles: Tomáš
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (OR KAHOL LTD -> ) C:\Users\Tomáš\Downloads\zipmate(2).exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <38>
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [Microsoft Edge Update] => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\MicrosoftEdgeUpdateCore.exe [268344 2024-11-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {975739FA-BE4F-4A7C-AD76-11E3AD80AAFE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4078EAE6-E7FF-4FF6-8B29-3D957D504D93} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "06b30e18-9de7-445f-950d-672383b2c1b8" --version "6.30.11385" --silent
Task: {B454A5D6-B7F3-4092-BDE7-5FDE29E1A92F} - System32\Tasks\CCleanerSkipUAC - Tomáš => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32CA82BE-D54B-4E18-BDDF-7B2244F51C9E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {F4D30E84-586F-40AA-9310-E86C6E0BD7F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B744C083-66A3-47C4-8AB2-B8B7DBF37929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54049AA5-456F-4662-8D42-09935018AC97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {423EAB22-DE87-4E86-832E-20423C3676D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {646FA8C0-0046-40F7-978E-8BC46EBF69BA} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B22E4E0F-D27D-4BE5-A609-3D1F73407CCD} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1E6FA04-4A80-4129-8196-E7CA319AC8CE} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3489919597-1578466563-2200197977-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3290231A-3AE5-49CC-9251-D2710FAE529A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{470464b2-08ff-4641-a4a2-551f9a886915}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-05]
FireFox:
========
FF DefaultProfile: srxn1ztw.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\srxn1ztw.default [2024-06-28]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\zi1lyum7.default-release [2024-12-07]
FF Notifications: Mozilla\Firefox\Profiles\zi1lyum7.default-release -> hxxps://cz10.herozerogame.com; hxxps://www.amateri.com; hxxps://ahfp61v57oduhz.enhanceprotocol.co.in; hxxps://9zez4u3h2kvr5h.enhanceprotocol.co.in
Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2024-07-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cz2.forgeofempires.com; hxxps://cz4.forgeofempires.com; hxxps://www.amateri.com; hxxps://www.kupi.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-04]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 12:15 - 2024-12-07 12:16 - 000013695 _____ C:\Users\Tomáš\Downloads\FRST.txt
2024-12-07 12:15 - 2024-12-07 12:15 - 000000000 ____D C:\FRST
2024-12-07 12:14 - 2024-12-07 12:14 - 002402304 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2024-12-07 12:07 - 2024-12-07 12:07 - 002473232 _____ () C:\Users\Tomáš\Downloads\zipmate(2).exe
2024-12-07 12:04 - 2024-12-07 12:04 - 002096640 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST.exe
2024-12-06 08:19 - 2024-12-06 10:39 - 000000000 ____D C:\Users\Tomáš\Desktop\2024 5.12. Pardubice Žluťák
2024-11-29 07:19 - 2024-11-30 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-17 07:57 - 2024-12-07 11:39 - 000000014 ____H C:\Users\Tomáš\Desktop\fssort.ini
2024-11-16 08:28 - 2024-11-16 08:28 - 000048011 _____ C:\Users\Tomáš\Downloads\Shrnutí objednávky-98766eb7-70c5-3e4e-b641-d833758afc6e.pdf
2024-11-15 15:30 - 2024-11-15 15:30 - 000082947 _____ C:\Users\Tomáš\Downloads\dark_crystal.zip
2024-11-15 15:26 - 2024-11-15 15:26 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate(1).exe
2024-11-15 14:33 - 2024-11-15 14:33 - 000000000 ___HD C:\$WinREAgent
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Program Files\WinRAR
2024-11-15 14:08 - 2024-11-15 14:08 - 004194776 _____ C:\Users\Tomáš\Downloads\winrar-x64-701cz.exe
2024-11-15 13:55 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\Documents\ZPS11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\Zoner
2024-11-15 13:53 - 2024-11-15 13:53 - 063819721 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zps11_cz_home.exe
2024-11-15 09:31 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CEF
2024-11-15 09:30 - 2024-11-15 09:31 - 079831160 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zpsx_cz.exe
2024-11-15 09:27 - 2024-11-15 09:27 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 11:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-07 11:26 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-07 08:22 - 2024-07-26 13:10 - 000000000 ____D C:\Program Files\CCleaner
2024-12-07 08:22 - 2024-06-28 07:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-07 08:22 - 2024-03-31 10:23 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-07 08:20 - 2024-03-31 10:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 08:20 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2024-12-06 08:16 - 2024-04-05 13:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-01 07:31 - 2024-03-31 10:23 - 001605606 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-01 07:31 - 2019-12-07 15:43 - 000683606 _____ C:\Windows\system32\perfh005.dat
2024-12-01 07:31 - 2019-12-07 15:43 - 000137386 _____ C:\Windows\system32\perfc005.dat
2024-12-01 07:31 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-01 07:27 - 2024-03-31 10:14 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 07:27 - 2024-03-31 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-30 20:01 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-30 20:00 - 2024-06-28 07:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-30 15:00 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-30 07:25 - 2024-06-28 07:12 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-29 17:07 - 2024-04-05 15:40 - 000000000 ____D C:\Program Files\RUXIM
2024-11-28 19:02 - 2024-04-04 16:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:18 - 000002381 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-28 16:46 - 2024-04-04 16:24 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0}
2024-11-28 16:46 - 2024-04-04 16:24 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC}
2024-11-28 14:53 - 2024-03-31 10:14 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-28 14:53 - 2024-03-31 10:14 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-16 08:22 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-11-15 18:48 - 2024-07-26 13:10 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-11-15 18:48 - 2024-03-31 10:14 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-15 18:47 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-15 15:03 - 2024-04-04 16:21 - 000000000 ____D C:\Users\Tomáš\AppData\Local\PlaceholderTileLogoFolder
2024-11-15 15:03 - 2024-03-31 10:19 - 000000000 ____D C:\ProgramData\Packages
2024-11-15 15:03 - 2024-03-31 10:18 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2024-11-15 14:43 - 2024-03-31 10:18 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-15 11:30 - 2024-04-05 12:17 - 000000000 ____D C:\Windows\system32\MRT
2024-11-15 11:27 - 2024-04-05 12:17 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-15 08:28 - 2024-07-26 13:10 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-11-15 08:28 - 2024-07-26 13:10 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Tomáš (07-12-2024 12:17:10)
Running from C:\Users\Tomáš\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2024-03-31 09:17:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3489919597-1578466563-2200197977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3489919597-1578466563-2200197977-503 - Limited - Disabled)
Guest (S-1-5-21-3489919597-1578466563-2200197977-501 - Limited - Disabled)
Tomáš (S-1-5-21-3489919597-1578466563-2200197977-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-3489919597-1578466563-2200197977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0.2 - Mozilla)
pltcli (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\pltcli) (Version: 1.0 - pltcli)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
ZipMatePro (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\ZipMatePro) (Version: 1.0 - ZipMatePro)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d8eef3a0245b73f9e174eadb491b4100) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d775f32a9426acd4bf4d1586e6134459) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\1572f198952fadc2b912362ece2a43fe) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\339754b122c6975b3f02e5f1b63aa960) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\71d1f384c28d341a1ed8c86007b72ac7) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\7631678bf8e2ee006e310974cbacc5db) (Version: 1.0 - Google\Chrome)
Packages:
=========
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\Desktop\HD-wallpaper-deicide-death-metal-metal-scars.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Centrino(R) Advanced-N 6205 -> NETwew01.sys
Ethernet: Intel(R) 82579LM Gigabit Network Connection -> e1i65x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B378EBB2-BDDD-4D11-8656-F59B17084A2B}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{572C0C0F-2E92-4192-AB63-045BAE373164}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CA0D8E74-9317-4AB5-BAE3-A82288B136F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F6E9C79-1536-4D0E-84E9-6DCDD0F4F5CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BFE859D3-6A77-495D-85DD-AE14E93F65C3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDC8B73A-D51E-4AAB-BC89-B47601C439CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0B0B697-9EF0-41DD-A598-A82DDE6433AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2CA360C-9BF1-407A-876A-DD7BFC29E1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEED1C68-3C1C-40A0-AF59-9301266D817E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A17DA12-2770-44E9-AC19-8CA61F87F5A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5033D075-BEF4-410C-A514-D35594DDA4B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BC91C82-A1F8-4947-9808-C32D959AA3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA1A7C62-C72B-4A35-99E3-F239408F0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11E20890-4A27-406C-8DCC-CF9B6BC46D17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40A091EC-B0F6-45C8-8026-D9414F785B1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B8F5904E-8136-47F0-B3A8-9E8B4543B5BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AA7831A8-C2AA-4226-8561-82E16C5C3CBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ED9DA6F4-96A1-4BFE-AC03-E56C8CC6E70A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6A6CE63-8462-4B8E-94FA-CEF91F04D862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B28761F-D0AD-4DBB-8CB6-FED7E7469377}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-11-2024 14:33:35 Instalační služba modulů systému Windows
30-11-2024 08:02:13 Naplánovaný kontrolní bod
30-11-2024 15:00:07 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič velkokapacitního paměťového zařízení
Description: Řadič velkokapacitního paměťového zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/30/2024 07:25:49 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:24:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (12/06/2024 08:53:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/06/2024 08:20:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (11/16/2024 08:22:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/16/2024 08:22:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (11/15/2024 02:34:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (11/15/2024 08:59:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Windows Defender:
================
Date: 2024-12-07 08:57:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79E2E025-6346-47A0-9B3D-A6E46B317BB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-06 08:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC816A28-5E68-469A-9811-A7CD8F81F9EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 08:51:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3698D32-2FDF-4171-824F-A4D4F2AC83CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 17:40:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E9A5A3AF-F013-46A6-98FE-B72AB3E302E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 14:47:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9164D885-E0DA-4A0D-9A37-7F2D04146AB2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8073.01 MB
Available physical RAM: 4939.75 MB
Total Virtual: 10377.01 MB
Available Virtual: 7187.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:174.82 GB) (Model: ADATA SU650) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-30c237000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D98AEFA)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=547 MB) - (Type=27)
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119315
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Trojan?
Hello!
First run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking Souhlasim (I agree)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply launch it with a double-click)
click Skenovat nyni (Scan now), then Cisteni a opravy (Clean and Repair)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 251
- Registered: 07 Apr 2005 20:02
- Location: Hradec Králové
Re: Trojan?
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-07-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.5131)
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{470464b2-08ff-4641-a4a2-551f9a886915}|DhcpNameServer - "77.236.192.130"
Deleted HKLM\System\CurrentControlSet\Services\Tcpip\Parameters|DhcpNameServer - "77.236.192.130"
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1678 octets] - [07/12/2024 14:32:48]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
- Rudy
- Site Admin
- Posts: 119315
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Trojan?
Please post new FRST + Addition logs.
-
- Visitor
- Posts: 251
- Registered: 07 Apr 2005 20:02
- Location: Hradec Králové
Re: Trojan?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Tomáš (administrator) on DESKTOP-FFT066H (Dell Inc. Latitude E6220) (07-12-2024 15:10:14)
Running from C:\Users\Tomáš\Downloads\FRST64.exe
Loaded Profiles: Tomáš
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\24.221.1103.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [Microsoft Edge Update] => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\MicrosoftEdgeUpdateCore.exe [268344 2024-11-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {975739FA-BE4F-4A7C-AD76-11E3AD80AAFE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4078EAE6-E7FF-4FF6-8B29-3D957D504D93} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "06b30e18-9de7-445f-950d-672383b2c1b8" --version "6.30.11385" --silent
Task: {B454A5D6-B7F3-4092-BDE7-5FDE29E1A92F} - System32\Tasks\CCleanerSkipUAC - Tomáš => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32CA82BE-D54B-4E18-BDDF-7B2244F51C9E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {F4D30E84-586F-40AA-9310-E86C6E0BD7F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B744C083-66A3-47C4-8AB2-B8B7DBF37929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54049AA5-456F-4662-8D42-09935018AC97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {423EAB22-DE87-4E86-832E-20423C3676D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {646FA8C0-0046-40F7-978E-8BC46EBF69BA} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B22E4E0F-D27D-4BE5-A609-3D1F73407CCD} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1E6FA04-4A80-4129-8196-E7CA319AC8CE} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3489919597-1578466563-2200197977-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3290231A-3AE5-49CC-9251-D2710FAE529A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{470464b2-08ff-4641-a4a2-551f9a886915}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-05]
FireFox:
========
FF DefaultProfile: srxn1ztw.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\srxn1ztw.default [2024-06-28]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\zi1lyum7.default-release [2024-12-07]
FF Notifications: Mozilla\Firefox\Profiles\zi1lyum7.default-release -> hxxps://cz10.herozerogame.com; hxxps://www.amateri.com; hxxps://ahfp61v57oduhz.enhanceprotocol.co.in; hxxps://9zez4u3h2kvr5h.enhanceprotocol.co.in
Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2024-07-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cz2.forgeofempires.com; hxxps://cz4.forgeofempires.com; hxxps://www.amateri.com; hxxps://www.kupi.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-04]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 14:35 - 2024-12-07 14:35 - 008790880 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\AdwCleaner(1).exe
2024-12-07 14:32 - 2024-12-07 14:33 - 000000000 ____D C:\AdwCleaner
2024-12-07 14:32 - 2024-12-07 14:32 - 008790880 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\adwcleaner.exe
2024-12-07 12:17 - 2024-12-07 12:18 - 000027640 _____ C:\Users\Tomáš\Downloads\Addition.txt
2024-12-07 12:15 - 2024-12-07 15:11 - 000013646 _____ C:\Users\Tomáš\Downloads\FRST.txt
2024-12-07 12:15 - 2024-12-07 15:10 - 000000000 ____D C:\FRST
2024-12-07 12:14 - 2024-12-07 12:14 - 002402304 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2024-12-07 12:07 - 2024-12-07 12:07 - 002473232 _____ () C:\Users\Tomáš\Downloads\zipmate(2).exe
2024-12-07 12:04 - 2024-12-07 12:04 - 002096640 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST.exe
2024-12-06 08:19 - 2024-12-06 10:39 - 000000000 ____D C:\Users\Tomáš\Desktop\2024 5.12. Pardubice Žluťák
2024-11-29 07:19 - 2024-11-30 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-17 07:57 - 2024-12-07 14:58 - 000000000 ____H C:\Users\Tomáš\Desktop\fssort.ini
2024-11-16 08:28 - 2024-11-16 08:28 - 000048011 _____ C:\Users\Tomáš\Downloads\Shrnutí objednávky-98766eb7-70c5-3e4e-b641-d833758afc6e.pdf
2024-11-15 15:30 - 2024-11-15 15:30 - 000082947 _____ C:\Users\Tomáš\Downloads\dark_crystal.zip
2024-11-15 15:26 - 2024-11-15 15:26 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate(1).exe
2024-11-15 14:33 - 2024-11-15 14:33 - 000000000 ___HD C:\$WinREAgent
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Program Files\WinRAR
2024-11-15 14:08 - 2024-11-15 14:08 - 004194776 _____ C:\Users\Tomáš\Downloads\winrar-x64-701cz.exe
2024-11-15 13:55 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\Documents\ZPS11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\Zoner
2024-11-15 13:53 - 2024-11-15 13:53 - 063819721 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zps11_cz_home.exe
2024-11-15 09:31 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CEF
2024-11-15 09:30 - 2024-11-15 09:31 - 079831160 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zpsx_cz.exe
2024-11-15 09:27 - 2024-11-15 09:27 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 14:51 - 2024-06-28 07:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-07 14:50 - 2024-07-26 13:10 - 000000000 ____D C:\Program Files\CCleaner
2024-12-07 14:50 - 2024-03-31 10:23 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2024-12-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-07 14:42 - 2024-03-31 10:23 - 001605606 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-07 14:42 - 2019-12-07 15:43 - 000683606 _____ C:\Windows\system32\perfh005.dat
2024-12-07 14:42 - 2019-12-07 15:43 - 000137386 _____ C:\Windows\system32\perfc005.dat
2024-12-07 14:42 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-07 14:38 - 2024-03-31 10:14 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-07 14:38 - 2024-03-31 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-07 14:38 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2024-12-07 14:37 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-12-07 11:26 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-07 08:20 - 2024-03-31 10:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-06 08:16 - 2024-04-05 13:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-30 20:00 - 2024-06-28 07:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-30 15:00 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-30 07:25 - 2024-06-28 07:12 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-29 17:07 - 2024-04-05 15:40 - 000000000 ____D C:\Program Files\RUXIM
2024-11-28 19:02 - 2024-04-04 16:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:18 - 000002381 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-28 16:46 - 2024-04-04 16:24 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0}
2024-11-28 16:46 - 2024-04-04 16:24 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC}
2024-11-28 14:53 - 2024-03-31 10:14 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-28 14:53 - 2024-03-31 10:14 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-16 08:22 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-11-15 18:48 - 2024-07-26 13:10 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-11-15 18:48 - 2024-03-31 10:14 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-15 18:47 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-15 15:03 - 2024-04-04 16:21 - 000000000 ____D C:\Users\Tomáš\AppData\Local\PlaceholderTileLogoFolder
2024-11-15 15:03 - 2024-03-31 10:19 - 000000000 ____D C:\ProgramData\Packages
2024-11-15 15:03 - 2024-03-31 10:18 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2024-11-15 14:43 - 2024-03-31 10:18 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-15 11:30 - 2024-04-05 12:17 - 000000000 ____D C:\Windows\system32\MRT
2024-11-15 11:27 - 2024-04-05 12:17 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-15 08:28 - 2024-07-26 13:10 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-11-15 08:28 - 2024-07-26 13:10 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Tomáš (07-12-2024 15:11:55)
Running from C:\Users\Tomáš\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2024-03-31 09:17:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3489919597-1578466563-2200197977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3489919597-1578466563-2200197977-503 - Limited - Disabled)
Guest (S-1-5-21-3489919597-1578466563-2200197977-501 - Limited - Disabled)
Tomáš (S-1-5-21-3489919597-1578466563-2200197977-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-3489919597-1578466563-2200197977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0.2 - Mozilla)
pltcli (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\pltcli) (Version: 1.0 - pltcli)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
ZipMatePro (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\ZipMatePro) (Version: 1.0 - ZipMatePro)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d8eef3a0245b73f9e174eadb491b4100) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d775f32a9426acd4bf4d1586e6134459) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\1572f198952fadc2b912362ece2a43fe) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\339754b122c6975b3f02e5f1b63aa960) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\71d1f384c28d341a1ed8c86007b72ac7) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\7631678bf8e2ee006e310974cbacc5db) (Version: 1.0 - Google\Chrome)
Packages:
=========
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\Desktop\HD-wallpaper-deicide-death-metal-metal-scars.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Centrino(R) Advanced-N 6205 -> NETwew01.sys
Ethernet: Intel(R) 82579LM Gigabit Network Connection -> e1i65x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B378EBB2-BDDD-4D11-8656-F59B17084A2B}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{572C0C0F-2E92-4192-AB63-045BAE373164}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CA0D8E74-9317-4AB5-BAE3-A82288B136F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F6E9C79-1536-4D0E-84E9-6DCDD0F4F5CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BFE859D3-6A77-495D-85DD-AE14E93F65C3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDC8B73A-D51E-4AAB-BC89-B47601C439CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0B0B697-9EF0-41DD-A598-A82DDE6433AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2CA360C-9BF1-407A-876A-DD7BFC29E1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEED1C68-3C1C-40A0-AF59-9301266D817E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A17DA12-2770-44E9-AC19-8CA61F87F5A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5033D075-BEF4-410C-A514-D35594DDA4B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BC91C82-A1F8-4947-9808-C32D959AA3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA1A7C62-C72B-4A35-99E3-F239408F0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11E20890-4A27-406C-8DCC-CF9B6BC46D17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40A091EC-B0F6-45C8-8026-D9414F785B1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B8F5904E-8136-47F0-B3A8-9E8B4543B5BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AA7831A8-C2AA-4226-8561-82E16C5C3CBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ED9DA6F4-96A1-4BFE-AC03-E56C8CC6E70A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6A6CE63-8462-4B8E-94FA-CEF91F04D862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B28761F-D0AD-4DBB-8CB6-FED7E7469377}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-11-2024 14:33:35 Instalační služba modulů systému Windows
30-11-2024 08:02:13 Naplánovaný kontrolní bod
30-11-2024 15:00:07 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič velkokapacitního paměťového zařízení
Description: Řadič velkokapacitního paměťového zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/07/2024 02:37:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/30/2024 07:25:49 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (12/07/2024 02:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2024 02:40:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2024 02:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/07/2024 02:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Alps HID Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 08:53:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/06/2024 08:20:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================
Date: 2024-12-07 08:57:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79E2E025-6346-47A0-9B3D-A6E46B317BB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-06 08:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC816A28-5E68-469A-9811-A7CD8F81F9EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 08:51:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3698D32-2FDF-4171-824F-A4D4F2AC83CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 17:40:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E9A5A3AF-F013-46A6-98FE-B72AB3E302E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 14:47:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9164D885-E0DA-4A0D-9A37-7F2D04146AB2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8073.01 MB
Available physical RAM: 4951.02 MB
Total Virtual: 10377.01 MB
Available Virtual: 7584.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:174.36 GB) (Model: ADATA SU650) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-30c237000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D98AEFA)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=547 MB) - (Type=27)
==================== End of Addition.txt =======================
Ran by Tomáš (administrator) on DESKTOP-FFT066H (Dell Inc. Latitude E6220) (07-12-2024 15:10:14)
Running from C:\Users\Tomáš\Downloads\FRST64.exe
Loaded Profiles: Tomáš
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\24.221.1103.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2014-03-13] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [Microsoft Edge Update] => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\MicrosoftEdgeUpdateCore.exe [268344 2024-11-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\Run: [MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {975739FA-BE4F-4A7C-AD76-11E3AD80AAFE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4078EAE6-E7FF-4FF6-8B29-3D957D504D93} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "06b30e18-9de7-445f-950d-672383b2c1b8" --version "6.30.11385" --silent
Task: {B454A5D6-B7F3-4092-BDE7-5FDE29E1A92F} - System32\Tasks\CCleanerSkipUAC - Tomáš => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {32CA82BE-D54B-4E18-BDDF-7B2244F51C9E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {F4D30E84-586F-40AA-9310-E86C6E0BD7F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B744C083-66A3-47C4-8AB2-B8B7DBF37929} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54049AA5-456F-4662-8D42-09935018AC97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {423EAB22-DE87-4E86-832E-20423C3676D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {646FA8C0-0046-40F7-978E-8BC46EBF69BA} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B22E4E0F-D27D-4BE5-A609-3D1F73407CCD} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0} => C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206392 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1E6FA04-4A80-4129-8196-E7CA319AC8CE} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3489919597-1578466563-2200197977-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-29] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3290231A-3AE5-49CC-9251-D2710FAE529A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-29] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{470464b2-08ff-4641-a4a2-551f9a886915}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-05]
FireFox:
========
FF DefaultProfile: srxn1ztw.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\srxn1ztw.default [2024-06-28]
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\zi1lyum7.default-release [2024-12-07]
FF Notifications: Mozilla\Firefox\Profiles\zi1lyum7.default-release -> hxxps://cz10.herozerogame.com; hxxps://www.amateri.com; hxxps://ahfp61v57oduhz.enhanceprotocol.co.in; hxxps://9zez4u3h2kvr5h.enhanceprotocol.co.in
Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2024-07-26]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cz2.forgeofempires.com; hxxps://cz4.forgeofempires.com; hxxps://www.amateri.com; hxxps://www.kupi.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-04]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2014-03-27] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 14:35 - 2024-12-07 14:35 - 008790880 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\AdwCleaner(1).exe
2024-12-07 14:32 - 2024-12-07 14:33 - 000000000 ____D C:\AdwCleaner
2024-12-07 14:32 - 2024-12-07 14:32 - 008790880 _____ (Malwarebytes) C:\Users\Tomáš\Downloads\adwcleaner.exe
2024-12-07 12:17 - 2024-12-07 12:18 - 000027640 _____ C:\Users\Tomáš\Downloads\Addition.txt
2024-12-07 12:15 - 2024-12-07 15:11 - 000013646 _____ C:\Users\Tomáš\Downloads\FRST.txt
2024-12-07 12:15 - 2024-12-07 15:10 - 000000000 ____D C:\FRST
2024-12-07 12:14 - 2024-12-07 12:14 - 002402304 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2024-12-07 12:07 - 2024-12-07 12:07 - 002473232 _____ () C:\Users\Tomáš\Downloads\zipmate(2).exe
2024-12-07 12:04 - 2024-12-07 12:04 - 002096640 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST.exe
2024-12-06 08:19 - 2024-12-06 10:39 - 000000000 ____D C:\Users\Tomáš\Desktop\2024 5.12. Pardubice Žluťák
2024-11-29 07:19 - 2024-11-30 20:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-17 07:57 - 2024-12-07 14:58 - 000000000 ____H C:\Users\Tomáš\Desktop\fssort.ini
2024-11-16 08:28 - 2024-11-16 08:28 - 000048011 _____ C:\Users\Tomáš\Downloads\Shrnutí objednávky-98766eb7-70c5-3e4e-b641-d833758afc6e.pdf
2024-11-15 15:30 - 2024-11-15 15:30 - 000082947 _____ C:\Users\Tomáš\Downloads\dark_crystal.zip
2024-11-15 15:26 - 2024-11-15 15:26 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate(1).exe
2024-11-15 14:33 - 2024-11-15 14:33 - 000000000 ___HD C:\$WinREAgent
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-11-15 14:09 - 2024-11-15 14:09 - 000000000 ____D C:\Program Files\WinRAR
2024-11-15 14:08 - 2024-11-15 14:08 - 004194776 _____ C:\Users\Tomáš\Downloads\winrar-x64-701cz.exe
2024-11-15 13:55 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\Documents\ZPS11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 11
2024-11-15 13:54 - 2024-11-15 13:54 - 000000000 ____D C:\Program Files (x86)\Zoner
2024-11-15 13:53 - 2024-11-15 13:53 - 063819721 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zps11_cz_home.exe
2024-11-15 09:31 - 2024-11-15 13:55 - 000000000 ____D C:\Users\Tomáš\AppData\Roaming\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Zoner
2024-11-15 09:31 - 2024-11-15 09:31 - 000000000 ____D C:\Users\Tomáš\AppData\Local\CEF
2024-11-15 09:30 - 2024-11-15 09:31 - 079831160 _____ (ZONER software ) C:\Users\Tomáš\Downloads\zpsx_cz.exe
2024-11-15 09:27 - 2024-11-15 09:27 - 002474264 _____ () C:\Users\Tomáš\Downloads\zipmate.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-07 14:51 - 2024-06-28 07:12 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-07 14:50 - 2024-07-26 13:10 - 000000000 ____D C:\Program Files\CCleaner
2024-12-07 14:50 - 2024-03-31 10:23 - 000000000 ___RD C:\Users\Tomáš\OneDrive
2024-12-07 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-07 14:42 - 2024-03-31 10:23 - 001605606 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-07 14:42 - 2019-12-07 15:43 - 000683606 _____ C:\Windows\system32\perfh005.dat
2024-12-07 14:42 - 2019-12-07 15:43 - 000137386 _____ C:\Windows\system32\perfc005.dat
2024-12-07 14:42 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-12-07 14:38 - 2024-03-31 10:14 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-07 14:38 - 2024-03-31 10:14 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-07 14:38 - 2023-12-04 03:52 - 000000000 ____D C:\Windows\SystemTemp
2024-12-07 14:37 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-12-07 11:26 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-07 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-12-07 08:20 - 2024-03-31 10:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-06 08:16 - 2024-04-05 13:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-30 20:00 - 2024-06-28 07:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-30 15:00 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-30 07:25 - 2024-06-28 07:12 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-29 17:07 - 2024-04-05 15:40 - 000000000 ____D C:\Program Files\RUXIM
2024-11-28 19:02 - 2024-04-04 16:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:23 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3489919597-1578466563-2200197977-1001
2024-11-28 19:02 - 2024-03-31 10:18 - 000002381 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-28 16:46 - 2024-04-04 16:24 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001UA{73A90630-A870-4BB8-9254-1444E1E023C0}
2024-11-28 16:46 - 2024-04-04 16:24 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3489919597-1578466563-2200197977-1001Core{48749483-551D-4D33-B949-2874132A79FC}
2024-11-28 14:53 - 2024-03-31 10:14 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-28 14:53 - 2024-03-31 10:14 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-16 08:22 - 2024-03-31 10:14 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-11-15 18:48 - 2024-07-26 13:10 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-11-15 18:48 - 2024-03-31 10:14 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-15 18:47 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-15 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-15 15:03 - 2024-04-04 16:21 - 000000000 ____D C:\Users\Tomáš\AppData\Local\PlaceholderTileLogoFolder
2024-11-15 15:03 - 2024-03-31 10:19 - 000000000 ____D C:\ProgramData\Packages
2024-11-15 15:03 - 2024-03-31 10:18 - 000000000 ____D C:\Users\Tomáš\AppData\Local\Packages
2024-11-15 14:43 - 2024-03-31 10:18 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-15 11:30 - 2024-04-05 12:17 - 000000000 ____D C:\Windows\system32\MRT
2024-11-15 11:27 - 2024-04-05 12:17 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-15 08:28 - 2024-07-26 13:10 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-11-15 08:28 - 2024-07-26 13:10 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Tomáš (07-12-2024 15:11:55)
Running from C:\Users\Tomáš\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2024-03-31 09:17:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3489919597-1578466563-2200197977-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3489919597-1578466563-2200197977-503 - Limited - Disabled)
Guest (S-1-5-21-3489919597-1578466563-2200197977-501 - Limited - Disabled)
Tomáš (S-1-5-21-3489919597-1578466563-2200197977-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-3489919597-1578466563-2200197977-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1206.101.112 - ALPS ELECTRIC CO., LTD.)
FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15310.1316 - Hewlett-Packard)
HP LaserJet Pro MFP M125-M126 HP Device Toolbox (HKLM-x32\...\{82E7776B-E837-4584-BD0D-E2F54A0F6960}) (Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M125126 Scan HP Scan (HKLM-x32\...\{F84EA1B1-5184-4145-B6E6-5E5D33D85FE4}) (Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (HKLM-x32\...\{5A11EF83-9E0A-4B5C-8D2F-1FF9551A5E8C}) (Version: 4.0.0.8895 - Hewlett-Packard Company) Hidden
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 127.0.2 - Mozilla)
pltcli (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\pltcli) (Version: 1.0 - pltcli)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
ZipMatePro (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\ZipMatePro) (Version: 1.0 - ZipMatePro)
Zoner Photo Studio 11 (HKLM-x32\...\ZonerPhotoStudio11_CZ_is1) (Version: - ZONER software)
Chrome apps:
============
Disk Google (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d8eef3a0245b73f9e174eadb491b4100) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\d775f32a9426acd4bf4d1586e6134459) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\1572f198952fadc2b912362ece2a43fe) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\339754b122c6975b3f02e5f1b63aa960) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\71d1f384c28d341a1ed8c86007b72ac7) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\...\7631678bf8e2ee006e310974cbacc5db) (Version: 1.0 - Google\Chrome)
Packages:
=========
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-06] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\Desktop\HD-wallpaper-deicide-death-metal-metal-scars.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Centrino(R) Advanced-N 6205 -> NETwew01.sys
Ethernet: Intel(R) 82579LM Gigabit Network Connection -> e1i65x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B378EBB2-BDDD-4D11-8656-F59B17084A2B}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{572C0C0F-2E92-4192-AB63-045BAE373164}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{CA0D8E74-9317-4AB5-BAE3-A82288B136F5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9F6E9C79-1536-4D0E-84E9-6DCDD0F4F5CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BFE859D3-6A77-495D-85DD-AE14E93F65C3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDC8B73A-D51E-4AAB-BC89-B47601C439CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0B0B697-9EF0-41DD-A598-A82DDE6433AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2CA360C-9BF1-407A-876A-DD7BFC29E1AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEED1C68-3C1C-40A0-AF59-9301266D817E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.133.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A17DA12-2770-44E9-AC19-8CA61F87F5A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5033D075-BEF4-410C-A514-D35594DDA4B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BC91C82-A1F8-4947-9808-C32D959AA3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BA1A7C62-C72B-4A35-99E3-F239408F0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{11E20890-4A27-406C-8DCC-CF9B6BC46D17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40A091EC-B0F6-45C8-8026-D9414F785B1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B8F5904E-8136-47F0-B3A8-9E8B4543B5BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AA7831A8-C2AA-4226-8561-82E16C5C3CBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ED9DA6F4-96A1-4BFE-AC03-E56C8CC6E70A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6A6CE63-8462-4B8E-94FA-CEF91F04D862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B28761F-D0AD-4DBB-8CB6-FED7E7469377}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
15-11-2024 14:33:35 Instalační služba modulů systému Windows
30-11-2024 08:02:13 Naplánovaný kontrolní bod
30-11-2024 15:00:07 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Sériový port sběrnice PCI
Description: Sériový port sběrnice PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Řadič velkokapacitního paměťového zařízení
Description: Řadič velkokapacitního paměťového zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/07/2024 02:37:54 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (12/06/2024 10:14:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/30/2024 07:25:49 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (11/15/2024 05:27:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Zoner\Photo Studio 11\Program\Microsoft.VC80.MFC\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
System errors:
=============
Error: (12/07/2024 02:40:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2024 02:40:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2024 02:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/07/2024 02:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Alps HID Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 08:53:52 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/06/2024 08:20:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/01/2024 07:29:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Windows Defender:
================
Date: 2024-12-07 08:57:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {79E2E025-6346-47A0-9B3D-A6E46B317BB8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-06 08:53:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC816A28-5E68-469A-9811-A7CD8F81F9EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 08:51:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3698D32-2FDF-4171-824F-A4D4F2AC83CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 17:40:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E9A5A3AF-F013-46A6-98FE-B72AB3E302E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 14:47:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9164D885-E0DA-4A0D-9A37-7F2D04146AB2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: Dell Inc. A13 11/17/2013
Motherboard: Dell Inc. 0R97MN
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 8073.01 MB
Available physical RAM: 4951.02 MB
Total Virtual: 10377.01 MB
Available Virtual: 7584.48 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.98 GB) (Free:174.36 GB) (Model: ADATA SU650) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{1d98aefa-0000-0000-0000-30c237000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 1D98AEFA)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=547 MB) - (Type=27)
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Posts: 119315
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Trojan?
Open Notepad and copy the following into it:
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
EmptyTemp:
End
Save it to C:\Users\Tomáš\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
-
- Visitor
- Posts: 251
- Registered: 07 Apr 2005 20:02
- Location: Hradec Králové
Re: Trojan?
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Tomáš (07-12-2024 16:06:39) Run:1
Running from C:\Users\Tomáš\Downloads
Loaded Profiles: Tomáš
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {C6010DB2-44DC-4339-9A65-A1B1E1D03822} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6010DB2-44DC-4339-9A65-A1B1E1D03822}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6010DB2-44DC-4339-9A65-A1B1E1D03822}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{3BC142C6-6C32-4F73-BEC2-2C2063F59757}" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2} => removed successfully
ustomCLSID: HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Tomáš\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA} => removed successfully
HKU\S-1-5-21-3489919597-1578466563-2200197977-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051} => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63403759 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 423611 B
Edge => 0 B
Chrome => 3998432 B
Firefox => 1866856891 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1536942 B
NetworkService => 1573128 B
Tomáš => 1083765984 B
RecycleBin => 2255733731 B
EmptyTemp: => 4.9 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-12-2024 16:12:01)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 16:12:01 ====
- Rudy
- Site Admin
- Posts: 119315
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Trojan?
Deleted. Has the warning gone away, or does it persist?
-
- Visitor
- Posts: 251
- Registered: 07 Apr 2005 20:02
- Location: Hradec Králové
Re: Trojan?
It's gone, thanks Rudy, I'm sending a fifty to the account.

- Rudy
- Site Admin
- Posts: 119315
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Trojan?
Glad to hear it. And thank you for the contribution!
