Neustále dochází k pokusům o nabourání se do účtu na seznamu. Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Adriana (14-03-2025 12:30:18)
Running from C:\Users\Adriana\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4890 (X64) (2024-11-12 19:27:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1311674592-3799105159-958900802-500 - Administrator - Disabled)
Adriana (S-1-5-21-1311674592-3799105159-958900802-1001 - Administrator - Enabled) => C:\Users\Adriana
DefaultAccount (S-1-5-21-1311674592-3799105159-958900802-503 - Limited - Disabled)
Guest (S-1-5-21-1311674592-3799105159-958900802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1311674592-3799105159-958900802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Out of date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 3.07 (x64) (HKLM\...\Altap Salamander 3.07 (x64)) (Version: 3.07 - ALTAP)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.11 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 26.0.32.109 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
FastStone Image Viewer 7.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.0 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.89 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{9720A595-3D2D-440E-9523-0B6F970745DD}) (Version: 6.0.11.1 - HP Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1511 - HP) Hidden
HP Registration Service (HKLM-x32\...\{4E097B06-83A0-4CDD-A9DB-22F0744FE16A}) (Version: 1.0.0.43 - HP Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{C3F938DB-732F-4A2B-BB44-42233484D098}) (Version: 10.1.17479.8054 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{36B07318-86ED-4AAA-9F43-DB0648064E84}) (Version: 30.100.1726.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1726.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1804.4.0.1224 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{20FD7803-DC09-43DF-BAA8-A09D653F2746}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{3D1DAB00-E679-48C2-9776-37E8E813E2EF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{9035C50C-2743-4D74-BA07-E5EDB1BF3180}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) TXE Storage Proxy Driver (HKLM\...\{31436E42-F7F2-4D57-B9CA-609B50714B4F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.24 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{4ACCFDCF-0A88-4CE5-B194-B0C2FDB6FA7C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{CD325DFA-2712-49D4-9FE0-DC290CEFE3EC}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506 (HKLM-x32\...\{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.78 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Skype verze 8.136 (HKLM-x32\...\Skype_is1) (Version: 8.136 - Skype Technologies S.A.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1011 - McAfee, LLC)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Chrome apps:
============
Mapy Google (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\5738b425916c8b4f4bd8e8c200100190) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-01-25] ()
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-03-14] (Bitdefender)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.9.1.0_x64__kgqvnymyfvs32 [2025-03-14] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2970.1.0_x64__kgqvnymyfvs32 [2025-02-27] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_21.1.3.0_x86__m9bz608c1b9ra [2025-02-27] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-05] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-09-12] (Realtek Semiconductor Corp)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-11-24] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-02-27] (LinkedIn) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-16] (Microsoft Corp.)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-27] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-18] (CYBERLINKCOM CORP)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.25.0_x64__kx24dqmazqk8j [2025-02-27] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-13] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{C78B614D-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxDTCM.dll [2021-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-05-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Adriana\Desktop\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
ShortcutWithArgument: C:\Users\Adriana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
==================== Loaded Modules (Whitelisted) =============
2025-01-26 22:17 - 2025-01-26 22:17 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\d559c5307bd854c0ca32f44553d67642\BRIDGECommon.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\320703600b565b8a20889d333d4b1aa3\BridgeExtension.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\060bc0c317b2791a7374b165a40440e0\CleanStartController.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0bcde7da77e70e2f6ef447634c2632ab\RegistrationUtilities.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000136704 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\140d680eefc10d28c7023fe6dee2f3c8\CommonPortable.ni.dll
2017-09-27 08:02 - 2017-09-27 08:02 - 000184832 _____ (NetToolWorks Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\DeviceDetection\NetToolWorks.Snmp.dll
2025-01-26 22:19 - 2025-01-26 22:19 - 002305536 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\4be9d3d7336190552509e4f592712b9e\Newtonsoft.Json.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1311674592-3799105159-958900802-1001 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adriana\Desktop\JÁ\14318556_4_1700108082.jpg
DNS Servers: 192.168.0.254 - 217.196.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
BITS: {2250021F-B44B-4C02-A193-7E3D1BBECF62} - (HPCeeConnect) -> [NotifyCmdLine: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe" HPCeeConnect (null)] [files:http://ceement.rssx.hp.com/CeementWA/index.jsp -> C:\Users\Adriana\hpTemp.txt]
Windows Firewall is enabled.
Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rtcx21x64.sys
Wi-Fi: Realtek RTL8822BE 802.11ac PCIe Adapter -> rtwlane.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1EFB2296-BA29-4EBB-BFFA-7D62E91D8E7B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB2A2B45-5A1A-4D95-B0E3-F6113EC37025}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8882661E-DCCD-4634-82BA-13778931D278}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{C944D74D-DF8B-41F6-83AB-BA6D22E61166}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF2D2EB8-431C-4018-83AD-041F5D5FD8B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A15F01E2-B0B1-4015-9790-1E6BE83567FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8FC9D36B-3460-499A-8845-0525573AC366}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{40118C59-61C0-4690-9F50-C7A63F38425F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{831ADED0-792F-4A4A-B839-F7D36A929997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68BA3751-F556-4329-9756-0FE8643D169C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A993636-BBE8-4ED0-998F-550B9F367335}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71CA705F-A1EB-4C7D-AF52-9351B40869D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C3A54E6-163A-4F97-8D87-376D7FB78A52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{7BA79C55-6DE3-43E4-BEBE-9576762FA791}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3AE225C4-8425-49C3-A5CC-7CAB9A5F0A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5E54622C-EDBB-4B3F-9503-9140FC725DE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EA0060E7-38AF-4230-96BF-E2DC065EF8A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{3A2473BD-28C5-4E93-9657-2A4FA16A9A56}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{89D6091D-F9D8-45E1-B587-B64BE85426B9}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5C0B377F-C28B-468F-B864-654D2B42B8E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31B18D05-5966-441B-BDED-686350046F3A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0659D6B-BF79-4E5C-8C00-0FB524675A1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7E0DBC0-4270-4015-9A41-C1F005754FB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C5187B9-3F65-40A4-A273-F9DC04FD8107}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2ABF5A81-F826-45FA-8E45-51E90AB139F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6E70C09-5F4F-449F-918B-0F5C8D700941}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDC07B9D-7AE6-43E2-A170-307D3B1CF73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{896E2DBC-3C0A-4C64-B9CD-3436415BF8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FA79451-97D9-4016-A538-7962E532CE10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A73B9695-9D77-4ED5-BB6F-0832DFDE0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D18E1FFF-6753-462C-B16B-7BC5891EC364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF8CD9B7-F048-4F69-91D4-9B8B4E52C543}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDCA9B4C-F620-4A62-9F81-C19610EC67D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{598FCC55-F47D-4497-A9C3-7DBF570B5DEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{925EDD0E-7C3E-453B-AAA2-EE4072251B2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{949526EE-4911-41C0-8A85-055FB9475684}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05D2A9D0-B920-46D2-8F30-60DC3ACDCF3F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FDD0B61-5BBF-4733-985C-8FD7A0D88426}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{308F87A9-2876-4D66-8C97-368CFC16BF8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E55C9C43-E50A-479A-A477-A2BA51DA2A5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
14-03-2025 11:57:43 Windows Update
14-03-2025 11:57:59 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/14/2025 11:44:40 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:04:32 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:02:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv; Popis = Windows Update; Chyba = 0x80042319).
Error: (02/27/2025 10:02:34 AM) (Source: SPP) (EventID: 16387) (User: )
Description: V zapisovači MSSearch Service Writer došlo při vytváření snímku k chybě.
Další informace: .
Error: (02/27/2025 09:51:27 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 12:27:55 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-PC5UL52V.local already in use; will try LAPTOP-PC5UL52V-2.local instead
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-PC5UL52V.local. Addr 169.254.200.205
System errors:
=============
Error: (03/14/2025 12:14:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.
Error: (03/14/2025 12:04:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.
Error: (03/14/2025 11:58:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Zadaná přihlašovací relace neexistuje. Zřejmě již byla ukončena.
Error: (03/14/2025 11:43:20 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
==================== Memory info ===========================
BIOS: Insyde F.04 08/02/2018
Motherboard: HP 84AB
Processor: Intel(R) Pentium(R) Silver N5000 CPU @ 1.10GHz
Percentage of memory in use: 85%
Total physical RAM: 8023.57 MB
Available physical RAM: 1178.89 MB
Total Virtual: 10327.57 MB
Available Virtual: 3014.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.19 GB) (Free:67.36 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.05 GB) (Free:1.78 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{351acab9-ad10-44e4-99d7-36378fadb533}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.22 GB) NTFS
\\?\Volume{d5fcc9bd-a2d9-4f24-9b94-f47fccb9ba7e}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5BAF539E)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2025
Ran by Adriana (administrator) on LAPTOP-PC5UL52V (HP HP Laptop 15-da0xxx) (14-03-2025 12:27:05)
Running from C:\Users\Adriana\Downloads\FRST64.exe
Loaded Profiles: Adriana
Platform: Microsoft Windows 11 Home Version 23H2 22631.4890 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Bitdefender Agent\ProductAgentService.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\27.1.1.11\DiscoverySrv.exe
(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(services.exe ->) (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\IntelCpHeciSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25012.50.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe [1253232 2021-03-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088224 2025-02-13] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123172920 2025-02-05] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [85447696 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe [2025-03-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {108725D5-B70E-48E5-B6D3-442C276CDF87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {594A7D85-71B8-4EBD-A18C-D58BCB0A7E59} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.11\WatchDog.exe [1156400 2025-02-04] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.11\repair
Task: {AF454ACC-62B2-448E-833D-EFB3FD6A0D33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0A96937D-25C5-4973-9B3B-C3F6812728C4} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6b63015d-8ae8-463a-9c39-fa60b869d7d9" --version "6.33.0.11465" --silent
Task: {9B947384-A2D9-4563-839E-E2A78D38A12B} - System32\Tasks\CCleanerSkipUAC - Adriana => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4431CE7A-0262-4EB6-B09E-63524B52448E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{ED82493A-0174-44DD-9C38-C45D32B6442B} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC)
Task: {03E7DF52-5518-49F4-95C6-E30E30CBFF86} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {0D113D86-BC3A-4425-B228-A3905C008D4F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {A9E2E89F-6FD8-43B4-B035-0F7D780E3757} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {6E11CD3E-0B89-4C70-A385-CFB3569B821B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {446208E5-D063-4FB4-8DFB-375E283E2F0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {0908B236-A45C-489F-A312-9A2F46301A7F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {640DF656-4D4F-4E44-A12B-53FCA08CBBCA} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {3F0FE6C2-7FDE-4710-BE6A-F41F8C0F9E69} - System32\Tasks\HPCeeScheduleForAdriana => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-10] (HP Inc. -> HP Inc.)
Task: {3ED79A4D-37FF-45B3-8E10-AA621F15F3A1} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {8CB76B84-F85D-4BCC-B8A2-4FBF8FEAED9C} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {DD2D7A8B-F3DE-47D7-9C42-E856556538DC} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\av\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {B574CFD8-80B4-4727-9727-ABD6D0DA1489} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F80000BE-7692-44F0-8100-0145DC83A23A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1930312 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2656115C-2866-41E5-BAB3-39B6E2BCC9FF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [968264 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {46983F1F-2551-44BD-935F-D97F4A902BD9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {30FBE744-DB6C-4595-87E0-0C76DC7FE076} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {866F1105-3BE7-4F17-8FC9-2E919D079A89} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9C9F4E3B-94C8-4C87-96BC-EE4C4340CA75} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCB04FD2-F175-4A67-B46B-2CEDB1BF3C28} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-02-26] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\--logon
Task: {4143F5DA-055D-4F6E-A7C6-734F9ADC2886} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1311674592-3799105159-958900802-1001 => C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.020.0202.0001\OneDriveLauncher.exe [669200 2025-03-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAdriana.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 217.196.124.1 85.163.122.11
Tcpip\..\Interfaces\{5fa6618d-07a4-45ab-aa33-34b964ca940c}: [DhcpNameServer] 192.168.0.254 217.196.124.1 85.163.122.11
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Adriana\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-14]
Edge Extension: (Dokumenty Google offline) - C:\Users\Adriana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Adriana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-11-04]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Adriana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2025-03-14] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default [2025-03-14]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://web.skype.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-02-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Avast SafePrice) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2025-01-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adriana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851640 2025-02-13] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2025-02-27] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2025-02-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2946088 2023-08-31] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2577184 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [852152 2025-02-27] (Bitdefender SRL -> Bitdefender)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [929792 2025-03-14] (McAfee, LLC -> McAfee, LLC)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [750872 2025-02-04] (Bitdefender SRL -> Bitdefender)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [291224 2025-02-27] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [852152 2025-02-27] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7643696 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [971312 2025-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [24568 2023-11-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [49200 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [42432 2024-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [544768 2024-11-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [188416 2024-11-12] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1791064 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 Ignisv2; C:\WINDOWS\system32\DRIVERS\ignisv2.sys [849968 2024-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [629184 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403456 2024-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 12:27 - 2025-03-14 12:28 - 000030203 ____C C:\Users\Adriana\Downloads\FRST.txt
2025-03-14 12:26 - 2025-03-14 12:27 - 000000000 ____D C:\FRST
2025-03-14 12:25 - 2025-03-14 12:25 - 002404352 ____C (Farbar) C:\Users\Adriana\Downloads\FRST64.exe
2025-03-14 12:23 - 2025-03-14 12:24 - 002097152 ____C (Farbar) C:\Users\Adriana\Downloads\FRST.exe
2025-03-14 11:56 - 2025-03-14 12:15 - 000002836 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-14 11:50 - 2025-03-14 11:50 - 000762760 _____ C:\WINDOWS\system32\perfh005.dat
2025-03-14 11:50 - 2025-03-14 11:50 - 000169372 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-27 13:15 - 2025-02-27 13:15 - 000000000 ____D C:\WINDOWS\Minidump
2025-02-27 11:03 - 2025-02-27 11:03 - 000090920 _____ C:\ProgramData\agent.update.1740650573.bdinstall.v2.bin
2025-02-27 10:22 - 2025-03-14 12:14 - 000000000 ____D C:\ProgramData\BDLogging
2025-02-27 09:57 - 2025-02-27 09:57 - 000000000 ____H C:\Users\Adriana\BITA6AD.tmp
2025-02-13 10:23 - 2025-02-13 10:23 - 000027135 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-02-13 10:20 - 2025-02-13 10:20 - 000027135 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-02-13 09:23 - 2025-03-14 12:03 - 000003574 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1311674592-3799105159-958900802-1001
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-03-14 12:29 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-14 12:20 - 2024-11-12 15:03 - 000000000 ____D C:\Program Files\CCleaner
2025-03-14 12:19 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-14 12:19 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-14 12:15 - 2024-11-12 15:03 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-14 12:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-14 12:07 - 2020-06-06 11:13 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-14 12:07 - 2020-06-06 11:13 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-14 12:03 - 2024-11-12 20:27 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1311674592-3799105159-958900802-1001
2025-03-14 12:03 - 2024-11-12 20:27 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1311674592-3799105159-958900802-1001
2025-03-14 12:03 - 2020-09-07 18:29 - 000002390 ____C C:\Users\Adriana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-14 11:55 - 2024-11-12 20:27 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-14 11:55 - 2024-11-12 20:27 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-14 11:53 - 2019-04-18 14:35 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-14 11:53 - 2019-04-18 14:35 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-03-14 11:50 - 2024-11-12 20:17 - 001822392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-14 11:50 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2025-03-14 11:45 - 2020-06-24 16:05 - 000000000 ___DC C:\Users\Adriana\AppData\Roaming\Microsoft\Skype for Desktop
2025-03-14 11:44 - 2018-11-24 15:15 - 000000000 ___DC C:\Users\Adriana\AppData\Local\Packages
2025-03-14 11:43 - 2024-11-12 20:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-14 11:43 - 2024-11-12 20:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-14 11:43 - 2024-11-12 19:27 - 000000000 ____D C:\Users\Adriana
2025-03-14 11:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-14 11:43 - 2022-05-07 06:17 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2025-03-14 11:43 - 2020-09-07 18:27 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-14 11:43 - 2019-04-18 15:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2025-03-14 11:43 - 2018-11-24 15:15 - 000000000 _SHDC C:\Users\Adriana\IntelGraphicsProfiles
2025-03-14 11:43 - 2018-11-24 13:03 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-14 11:43 - 2018-11-24 12:59 - 000000000 ___DC C:\Intel
2025-02-27 13:15 - 2024-11-12 20:26 - 000013338 _____ C:\WINDOWS\diagwrn.xml
2025-02-27 13:15 - 2024-11-12 20:26 - 000013338 _____ C:\WINDOWS\diagerr.xml
2025-02-27 13:15 - 2024-04-01 18:09 - 000000000 ___HD C:\$WINDOWS.~BT
2025-02-27 12:58 - 2024-11-12 15:34 - 000000000 ___DC C:\WINDOWS\Panther
2025-02-27 11:03 - 2024-11-12 20:27 - 000003842 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2025-02-27 11:03 - 2023-02-20 17:38 - 000000000 ____D C:\Program Files\Bitdefender Agent
2025-02-27 10:20 - 2024-11-12 20:27 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-02-27 10:19 - 2024-07-15 14:27 - 000971312 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci4.sys
2025-02-27 10:05 - 2020-06-24 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2025-02-27 10:03 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-27 10:03 - 2022-03-04 13:25 - 000000372 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAdriana.job
2025-02-27 10:02 - 2024-11-12 20:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-27 09:57 - 2024-11-12 20:27 - 000003272 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForAdriana
2025-02-27 09:53 - 2019-04-18 13:52 - 000000000 ___DC C:\Users\Adriana\AppData\Local\D3DSCache
2025-02-13 12:25 - 2024-11-12 20:14 - 000583872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-13 12:23 - 2024-11-12 19:06 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-02-13 12:23 - 2024-11-12 19:06 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-02-13 12:23 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-13 10:30 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-13 10:23 - 2024-11-12 20:15 - 003213312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-13 09:54 - 2019-04-18 15:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-13 09:46 - 2019-04-18 15:15 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-13 09:39 - 2023-03-02 12:26 - 001791064 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2025-02-13 09:37 - 2023-02-20 17:44 - 007643696 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2025-02-13 09:31 - 2022-10-12 17:30 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-02-13 09:31 - 2022-10-12 17:30 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Pyroman21cz
- Návštěvník
- Příspěvky: 51
- Registrován: 20 úno 2008 21:35
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Zdravím!
Přidejte ještě log Additin, abych to mohl kompletně prohlénout. Máte ho v C:\Users\Adriana\Downloads. Děkuji.
Přidejte ještě log Additin, abych to mohl kompletně prohlénout. Máte ho v C:\Users\Adriana\Downloads. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Pyroman21cz
- Návštěvník
- Příspěvky: 51
- Registrován: 20 úno 2008 21:35
Re: Prosím o preventivní kontrolu
Dobrý den, přidávám.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Adriana (14-03-2025 12:30:18)
Running from C:\Users\Adriana\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4890 (X64) (2024-11-12 19:27:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1311674592-3799105159-958900802-500 - Administrator - Disabled)
Adriana (S-1-5-21-1311674592-3799105159-958900802-1001 - Administrator - Enabled) => C:\Users\Adriana
DefaultAccount (S-1-5-21-1311674592-3799105159-958900802-503 - Limited - Disabled)
Guest (S-1-5-21-1311674592-3799105159-958900802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1311674592-3799105159-958900802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Out of date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 3.07 (x64) (HKLM\...\Altap Salamander 3.07 (x64)) (Version: 3.07 - ALTAP)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.11 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 26.0.32.109 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
FastStone Image Viewer 7.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.0 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.89 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{9720A595-3D2D-440E-9523-0B6F970745DD}) (Version: 6.0.11.1 - HP Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1511 - HP) Hidden
HP Registration Service (HKLM-x32\...\{4E097B06-83A0-4CDD-A9DB-22F0744FE16A}) (Version: 1.0.0.43 - HP Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{C3F938DB-732F-4A2B-BB44-42233484D098}) (Version: 10.1.17479.8054 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{36B07318-86ED-4AAA-9F43-DB0648064E84}) (Version: 30.100.1726.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1726.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1804.4.0.1224 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{20FD7803-DC09-43DF-BAA8-A09D653F2746}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{3D1DAB00-E679-48C2-9776-37E8E813E2EF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{9035C50C-2743-4D74-BA07-E5EDB1BF3180}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) TXE Storage Proxy Driver (HKLM\...\{31436E42-F7F2-4D57-B9CA-609B50714B4F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.24 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{4ACCFDCF-0A88-4CE5-B194-B0C2FDB6FA7C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{CD325DFA-2712-49D4-9FE0-DC290CEFE3EC}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506 (HKLM-x32\...\{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.78 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Skype verze 8.136 (HKLM-x32\...\Skype_is1) (Version: 8.136 - Skype Technologies S.A.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1011 - McAfee, LLC)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Chrome apps:
============
Mapy Google (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\5738b425916c8b4f4bd8e8c200100190) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-01-25] ()
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-03-14] (Bitdefender)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.9.1.0_x64__kgqvnymyfvs32 [2025-03-14] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2970.1.0_x64__kgqvnymyfvs32 [2025-02-27] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_21.1.3.0_x86__m9bz608c1b9ra [2025-02-27] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-05] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-09-12] (Realtek Semiconductor Corp)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-11-24] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-02-27] (LinkedIn) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-16] (Microsoft Corp.)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-27] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-18] (CYBERLINKCOM CORP)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.25.0_x64__kx24dqmazqk8j [2025-02-27] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-13] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{C78B614D-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxDTCM.dll [2021-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-05-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Adriana\Desktop\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
ShortcutWithArgument: C:\Users\Adriana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
==================== Loaded Modules (Whitelisted) =============
2025-01-26 22:17 - 2025-01-26 22:17 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\d559c5307bd854c0ca32f44553d67642\BRIDGECommon.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\320703600b565b8a20889d333d4b1aa3\BridgeExtension.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\060bc0c317b2791a7374b165a40440e0\CleanStartController.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0bcde7da77e70e2f6ef447634c2632ab\RegistrationUtilities.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000136704 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\140d680eefc10d28c7023fe6dee2f3c8\CommonPortable.ni.dll
2017-09-27 08:02 - 2017-09-27 08:02 - 000184832 _____ (NetToolWorks Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\DeviceDetection\NetToolWorks.Snmp.dll
2025-01-26 22:19 - 2025-01-26 22:19 - 002305536 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\4be9d3d7336190552509e4f592712b9e\Newtonsoft.Json.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1311674592-3799105159-958900802-1001 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adriana\Desktop\JÁ\14318556_4_1700108082.jpg
DNS Servers: 192.168.0.254 - 217.196.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
BITS: {2250021F-B44B-4C02-A193-7E3D1BBECF62} - (HPCeeConnect) -> [NotifyCmdLine: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe" HPCeeConnect (null)] [files:http://ceement.rssx.hp.com/CeementWA/index.jsp -> C:\Users\Adriana\hpTemp.txt]
Windows Firewall is enabled.
Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rtcx21x64.sys
Wi-Fi: Realtek RTL8822BE 802.11ac PCIe Adapter -> rtwlane.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1EFB2296-BA29-4EBB-BFFA-7D62E91D8E7B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB2A2B45-5A1A-4D95-B0E3-F6113EC37025}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8882661E-DCCD-4634-82BA-13778931D278}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{C944D74D-DF8B-41F6-83AB-BA6D22E61166}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF2D2EB8-431C-4018-83AD-041F5D5FD8B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A15F01E2-B0B1-4015-9790-1E6BE83567FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8FC9D36B-3460-499A-8845-0525573AC366}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{40118C59-61C0-4690-9F50-C7A63F38425F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{831ADED0-792F-4A4A-B839-F7D36A929997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68BA3751-F556-4329-9756-0FE8643D169C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A993636-BBE8-4ED0-998F-550B9F367335}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71CA705F-A1EB-4C7D-AF52-9351B40869D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C3A54E6-163A-4F97-8D87-376D7FB78A52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{7BA79C55-6DE3-43E4-BEBE-9576762FA791}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3AE225C4-8425-49C3-A5CC-7CAB9A5F0A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5E54622C-EDBB-4B3F-9503-9140FC725DE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EA0060E7-38AF-4230-96BF-E2DC065EF8A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{3A2473BD-28C5-4E93-9657-2A4FA16A9A56}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{89D6091D-F9D8-45E1-B587-B64BE85426B9}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5C0B377F-C28B-468F-B864-654D2B42B8E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31B18D05-5966-441B-BDED-686350046F3A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0659D6B-BF79-4E5C-8C00-0FB524675A1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7E0DBC0-4270-4015-9A41-C1F005754FB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C5187B9-3F65-40A4-A273-F9DC04FD8107}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2ABF5A81-F826-45FA-8E45-51E90AB139F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6E70C09-5F4F-449F-918B-0F5C8D700941}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDC07B9D-7AE6-43E2-A170-307D3B1CF73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{896E2DBC-3C0A-4C64-B9CD-3436415BF8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FA79451-97D9-4016-A538-7962E532CE10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A73B9695-9D77-4ED5-BB6F-0832DFDE0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D18E1FFF-6753-462C-B16B-7BC5891EC364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF8CD9B7-F048-4F69-91D4-9B8B4E52C543}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDCA9B4C-F620-4A62-9F81-C19610EC67D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{598FCC55-F47D-4497-A9C3-7DBF570B5DEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{925EDD0E-7C3E-453B-AAA2-EE4072251B2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{949526EE-4911-41C0-8A85-055FB9475684}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05D2A9D0-B920-46D2-8F30-60DC3ACDCF3F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FDD0B61-5BBF-4733-985C-8FD7A0D88426}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{308F87A9-2876-4D66-8C97-368CFC16BF8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E55C9C43-E50A-479A-A477-A2BA51DA2A5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
14-03-2025 11:57:43 Windows Update
14-03-2025 11:57:59 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/14/2025 11:44:40 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:04:32 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:02:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv; Popis = Windows Update; Chyba = 0x80042319).
Error: (02/27/2025 10:02:34 AM) (Source: SPP) (EventID: 16387) (User: )
Description: V zapisovači MSSearch Service Writer došlo při vytváření snímku k chybě.
Další informace: .
Error: (02/27/2025 09:51:27 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 12:27:55 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-PC5UL52V.local already in use; will try LAPTOP-PC5UL52V-2.local instead
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-PC5UL52V.local. Addr 169.254.200.205
System errors:
=============
Error: (03/14/2025 12:14:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.
Error: (03/14/2025 12:04:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.
Error: (03/14/2025 11:58:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Zadaná přihlašovací relace neexistuje. Zřejmě již byla ukončena.
Error: (03/14/2025 11:43:20 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
==================== Memory info ===========================
BIOS: Insyde F.04 08/02/2018
Motherboard: HP 84AB
Processor: Intel(R) Pentium(R) Silver N5000 CPU @ 1.10GHz
Percentage of memory in use: 85%
Total physical RAM: 8023.57 MB
Available physical RAM: 1178.89 MB
Total Virtual: 10327.57 MB
Available Virtual: 3014.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.19 GB) (Free:67.36 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.05 GB) (Free:1.78 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{351acab9-ad10-44e4-99d7-36378fadb533}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.22 GB) NTFS
\\?\Volume{d5fcc9bd-a2d9-4f24-9b94-f47fccb9ba7e}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5BAF539E)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2025
Ran by Adriana (14-03-2025 12:30:18)
Running from C:\Users\Adriana\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4890 (X64) (2024-11-12 19:27:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1311674592-3799105159-958900802-500 - Administrator - Disabled)
Adriana (S-1-5-21-1311674592-3799105159-958900802-1001 - Administrator - Enabled) => C:\Users\Adriana
DefaultAccount (S-1-5-21-1311674592-3799105159-958900802-503 - Limited - Disabled)
Guest (S-1-5-21-1311674592-3799105159-958900802-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1311674592-3799105159-958900802-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Out of date) {0F59B032-EA77-E3A8-2382-74A4346E5522}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 3.07 (x64) (HKLM\...\Altap Salamander 3.07 (x64)) (Version: 3.07 - ALTAP)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 27.1.1.11 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\Bitdefender) (Version: 26.0.32.109 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
FastStone Image Viewer 7.0 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.0 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.89 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{9720A595-3D2D-440E-9523-0B6F970745DD}) (Version: 6.0.11.1 - HP Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1511 - HP) Hidden
HP Registration Service (HKLM-x32\...\{4E097B06-83A0-4CDD-A9DB-22F0744FE16A}) (Version: 1.0.0.43 - HP Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{4E100CB6-9312-48BC-9DC0-4F4D5C338449}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{C3F938DB-732F-4A2B-BB44-42233484D098}) (Version: 10.1.17479.8054 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{36B07318-86ED-4AAA-9F43-DB0648064E84}) (Version: 30.100.1726.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1726.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1804.4.0.1224 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{20FD7803-DC09-43DF-BAA8-A09D653F2746}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{3D1DAB00-E679-48C2-9776-37E8E813E2EF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{9035C50C-2743-4D74-BA07-E5EDB1BF3180}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) TXE Storage Proxy Driver (HKLM\...\{31436E42-F7F2-4D57-B9CA-609B50714B4F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.24 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{4ACCFDCF-0A88-4CE5-B194-B0C2FDB6FA7C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{CD325DFA-2712-49D4-9FE0-DC290CEFE3EC}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506 (HKLM-x32\...\{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}) (Version: 14.0.23506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.78 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Skype verze 8.136 (HKLM-x32\...\Skype_is1) (Version: 8.136 - Skype Technologies S.A.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1011 - McAfee, LLC)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
Chrome apps:
============
Mapy Google (HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\5738b425916c8b4f4bd8e8c200100190) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-01-25] ()
Bitdefender CL Contextual Menu -> C:\Program Files\Bitdefender\Bitdefender Security App [2025-03-14] (Bitdefender)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.9.1.0_x64__kgqvnymyfvs32 [2025-03-14] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2970.1.0_x64__kgqvnymyfvs32 [2025-02-27] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_21.1.3.0_x86__m9bz608c1b9ra [2025-02-27] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-05] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-09-12] (Realtek Semiconductor Corp)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-11-24] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-02-27] (LinkedIn) [Startup Task]
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-11-16] (Microsoft Corp.)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.18429.20158.0_x86__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-27] (Microsoft Corporation)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-04-18] (CYBERLINKCOM CORP)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.25.0_x64__kx24dqmazqk8j [2025-02-27] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0 [2025-02-13] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1311674592-3799105159-958900802-1001_Classes\CLSID\{C78B614D-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31f4e71363bfa9b6\igfxDTCM.dll [2021-01-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2022-05-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Adriana\Desktop\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
ShortcutWithArgument: C:\Users\Adriana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Mapy Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ebaakkhnommmgmlbagjehhjfhkkmhhaa
==================== Loaded Modules (Whitelisted) =============
2025-01-26 22:17 - 2025-01-26 22:17 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\d559c5307bd854c0ca32f44553d67642\BRIDGECommon.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\320703600b565b8a20889d333d4b1aa3\BridgeExtension.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\060bc0c317b2791a7374b165a40440e0\CleanStartController.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\0bcde7da77e70e2f6ef447634c2632ab\RegistrationUtilities.ni.dll
2025-01-26 22:21 - 2025-01-26 22:21 - 000136704 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\140d680eefc10d28c7023fe6dee2f3c8\CommonPortable.ni.dll
2017-09-27 08:02 - 2017-09-27 08:02 - 000184832 _____ (NetToolWorks Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\DeviceDetection\NetToolWorks.Snmp.dll
2025-01-26 22:19 - 2025-01-26 22:19 - 002305536 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\4be9d3d7336190552509e4f592712b9e\Newtonsoft.Json.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1311674592-3799105159-958900802-1001 -> {D8ED3568-26B6-4487-ADEE-7ADBB44E8250} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-09-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-09-27] (HP Inc. -> HP Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adriana\Desktop\JÁ\14318556_4_1700108082.jpg
DNS Servers: 192.168.0.254 - 217.196.124.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
BITS: {2250021F-B44B-4C02-A193-7E3D1BBECF62} - (HPCeeConnect) -> [NotifyCmdLine: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe" HPCeeConnect (null)] [files:http://ceement.rssx.hp.com/CeementWA/index.jsp -> C:\Users\Adriana\hpTemp.txt]
Windows Firewall is enabled.
Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rtcx21x64.sys
Wi-Fi: Realtek RTL8822BE 802.11ac PCIe Adapter -> rtwlane.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1EFB2296-BA29-4EBB-BFFA-7D62E91D8E7B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB2A2B45-5A1A-4D95-B0E3-F6113EC37025}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8882661E-DCCD-4634-82BA-13778931D278}] => (Allow) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe (Bitdefender SRL -> Bitdefender)
FirewallRules: [{C944D74D-DF8B-41F6-83AB-BA6D22E61166}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FF2D2EB8-431C-4018-83AD-041F5D5FD8B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A15F01E2-B0B1-4015-9790-1E6BE83567FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8FC9D36B-3460-499A-8845-0525573AC366}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{40118C59-61C0-4690-9F50-C7A63F38425F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{831ADED0-792F-4A4A-B839-F7D36A929997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68BA3751-F556-4329-9756-0FE8643D169C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A993636-BBE8-4ED0-998F-550B9F367335}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71CA705F-A1EB-4C7D-AF52-9351B40869D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C3A54E6-163A-4F97-8D87-376D7FB78A52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{7BA79C55-6DE3-43E4-BEBE-9576762FA791}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3AE225C4-8425-49C3-A5CC-7CAB9A5F0A1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5E54622C-EDBB-4B3F-9503-9140FC725DE5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{EA0060E7-38AF-4230-96BF-E2DC065EF8A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{3A2473BD-28C5-4E93-9657-2A4FA16A9A56}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{89D6091D-F9D8-45E1-B587-B64BE85426B9}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5C0B377F-C28B-468F-B864-654D2B42B8E3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31B18D05-5966-441B-BDED-686350046F3A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3102.3183.2670_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0659D6B-BF79-4E5C-8C00-0FB524675A1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A7E0DBC0-4270-4015-9A41-C1F005754FB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C5187B9-3F65-40A4-A273-F9DC04FD8107}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2ABF5A81-F826-45FA-8E45-51E90AB139F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.136.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6E70C09-5F4F-449F-918B-0F5C8D700941}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDC07B9D-7AE6-43E2-A170-307D3B1CF73B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{896E2DBC-3C0A-4C64-B9CD-3436415BF8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FA79451-97D9-4016-A538-7962E532CE10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A73B9695-9D77-4ED5-BB6F-0832DFDE0740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D18E1FFF-6753-462C-B16B-7BC5891EC364}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF8CD9B7-F048-4F69-91D4-9B8B4E52C543}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EDCA9B4C-F620-4A62-9F81-C19610EC67D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{598FCC55-F47D-4497-A9C3-7DBF570B5DEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{925EDD0E-7C3E-453B-AAA2-EE4072251B2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.257.463.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{949526EE-4911-41C0-8A85-055FB9475684}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.18429.20158.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05D2A9D0-B920-46D2-8F30-60DC3ACDCF3F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FDD0B61-5BBF-4733-985C-8FD7A0D88426}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{308F87A9-2876-4D66-8C97-368CFC16BF8D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E55C9C43-E50A-479A-A477-A2BA51DA2A5D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
14-03-2025 11:57:43 Windows Update
14-03-2025 11:57:59 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/14/2025 11:44:40 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:04:32 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/27/2025 10:02:34 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv; Popis = Windows Update; Chyba = 0x80042319).
Error: (02/27/2025 10:02:34 AM) (Source: SPP) (EventID: 16387) (User: )
Description: V zapisovači MSSearch Service Writer došlo při vytváření snímku k chybě.
Další informace: .
Error: (02/27/2025 09:51:27 AM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 12:27:55 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-PC5UL52V.local already in use; will try LAPTOP-PC5UL52V-2.local instead
Error: (02/13/2025 09:17:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 LAPTOP-PC5UL52V.local. Addr 169.254.200.205
System errors:
=============
Error: (03/14/2025 12:14:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.
Error: (03/14/2025 12:04:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.
Error: (03/14/2025 11:58:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/14/2025 11:45:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (03/14/2025 11:43:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search byla ukončena s následující chybou:
Zadaná přihlašovací relace neexistuje. Zřejmě již byla ukončena.
Error: (03/14/2025 11:43:20 AM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: Služba protokolování událostí zjistila při inicializaci publikačních prostředků chybu v kanálu DebugChannel. V případě analytického nebo ladicího typu kanálu to může znamenat, že došlo také k chybě při inicializaci přihlašovacích prostředků.
==================== Memory info ===========================
BIOS: Insyde F.04 08/02/2018
Motherboard: HP 84AB
Processor: Intel(R) Pentium(R) Silver N5000 CPU @ 1.10GHz
Percentage of memory in use: 85%
Total physical RAM: 8023.57 MB
Available physical RAM: 1178.89 MB
Total Virtual: 10327.57 MB
Available Virtual: 3014.18 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:222.19 GB) (Free:67.36 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.05 GB) (Free:1.78 GB) (Model: SAMSUNG MZNLN256HAJQ-000H1) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{351acab9-ad10-44e4-99d7-36378fadb533}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.22 GB) NTFS
\\?\Volume{d5fcc9bd-a2d9-4f24-9b94-f47fccb9ba7e}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5BAF539E)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Adriana\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\Adriana\BITA6AD.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Pyroman21cz
- Návštěvník
- Příspěvky: 51
- Registrován: 20 úno 2008 21:35
Re: Prosím o preventivní kontrolu
ix result of Farbar Recovery Scan Tool (x64) Version: 16-03-2025
Ran by Adriana (16-03-2025 18:32:16) Run:1
Running from C:\Users\Adriana\Downloads
Loaded Profiles: Adriana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\Adriana\BITA6AD.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Adriana\Downloads\FRST.exe" => ":BDU" ADS not found.
"C:\Users\Adriana\Downloads\FRST64.exe" => ":BDU" ADS not found.
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{054907B3-0783-4ACC-88D0-FA654BE55FB5}" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.005.0112.0003" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\Users\Adriana\BITA6AD.tmp" => not found
=========== EmptyTemp: ==========
Ran by Adriana (16-03-2025 18:32:16) Run:1
Running from C:\Users\Adriana\Downloads
Loaded Profiles: Adriana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\Adriana\BITA6AD.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Adriana\Downloads\FRST.exe" => ":BDU" ADS not found.
"C:\Users\Adriana\Downloads\FRST64.exe" => ":BDU" ADS not found.
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{054907B3-0783-4ACC-88D0-FA654BE55FB5}" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.005.0112.0003" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\Users\Adriana\BITA6AD.tmp" => not found
=========== EmptyTemp: ==========
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Tohle je můj skript. Celý log vypadá asi takto: https://forum.viry.cz/viewtopic.php?p=1558115#p1558115 . Bez toho nevím, zdfa bylo něco smazáno. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Pyroman21cz
- Návštěvník
- Příspěvky: 51
- Registrován: 20 úno 2008 21:35
Re: Prosím o preventivní kontrolu
Ale to by mělo být ono, žádný jiný log se nevygeneroval...
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-03-2025
Ran by Adriana (16-03-2025 18:32:16) Run:1
Running from C:\Users\Adriana\Downloads
Loaded Profiles: Adriana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\Adriana\BITA6AD.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Adriana\Downloads\FRST.exe" => ":BDU" ADS not found.
"C:\Users\Adriana\Downloads\FRST64.exe" => ":BDU" ADS not found.
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{054907B3-0783-4ACC-88D0-FA654BE55FB5}" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.005.0112.0003" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\Users\Adriana\BITA6AD.tmp" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9537110 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 3425449 B
Edge => 0 B
Chrome => 94636788 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 126 B
systemprofile32 => 126 B
LocalService => 126 B
NetworkService => 126 B
Adriana => 11466024 B
RecycleBin => 0 B
EmptyTemp: => 113.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:32:46 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-03-2025
Ran by Adriana (16-03-2025 18:32:16) Run:1
Running from C:\Users\Adriana\Downloads
Loaded Profiles: Adriana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST.exe:BDU [0]
AlternateDataStreams: C:\Users\Adriana\Downloads\FRST64.exe:BDU [0]
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{054907B3-0783-4ACC-88D0-FA654BE55FB5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1311674592-3799105159-958900802-1001\...\RunOnce: [Uninstall 25.005.0112.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Adriana\AppData\Local\Microsoft\OneDrive\25.005.0112.0003" [0 2025-03-14] () <==== ATTENTION [zero byte File/Folder]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {C5AD917C-62DC-422E-9C9A-8E906712430D} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe RebootDialog (No File)
Task: {999C0BCE-01B6-4C43-B726-D8EAE49A01A6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D268192-95A8-4CE7-ADDD-E7E67D345CFA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {071A0CAF-202C-479A-842A-14246E469140} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\Adriana\BITA6AD.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Adriana\Downloads\FRST.exe" => ":BDU" ADS not found.
"C:\Users\Adriana\Downloads\FRST64.exe" => ":BDU" ADS not found.
irewallRules: [{2895CF63-CBCC-4CE7-8AAE-9609228006F6}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{054907B3-0783-4ACC-88D0-FA654BE55FB5}" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-1311674592-3799105159-958900802-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.005.0112.0003" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
ask: {BAD31A74-644D-4C4D-B210-9E1442E7A2AB} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5AD917C-62DC-422E-9C9A-8E906712430D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{999C0BCE-01B6-4C43-B726-D8EAE49A01A6}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D268192-95A8-4CE7-ADDD-E7E67D345CFA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{071A0CAF-202C-479A-842A-14246E469140}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\Users\Adriana\BITA6AD.tmp" => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9537110 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 3425449 B
Edge => 0 B
Chrome => 94636788 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 126 B
systemprofile32 => 126 B
LocalService => 126 B
NetworkService => 126 B
Adriana => 11466024 B
RecycleBin => 0 B
EmptyTemp: => 113.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:32:46 ====
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Ano, je to ono. Předtím jste ale dal jen polovinu (můj skript). Teď je to v pořádku. Bylo smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Pyroman21cz
- Návštěvník
- Příspěvky: 51
- Registrován: 20 úno 2008 21:35
Re: Prosím o preventivní kontrolu
Díky moc, posílám příspěvek.
Hezký večer přeji
Hezký večer přeji
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu
Hezký večer i vám, za příspěvek děkujeme a nemáte zač.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?