Vyskakující okna Firefox-viry, licence, systém atd

[darkane]

Dobrý den, prosím o kontrolu, vyskakují mi okna Firefoxu a virech, systému atd.
Zase jsem lezl někam, kam jsem neměl.
děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2025
Ran by Admin (administrator) on SUBOTNIKOVA (LENOVO 10NS000DMC) (16-10-2025 16:33:41)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6396 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_47a3c840f4f369ff\Intel_PIE_Service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2541.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [210688 2015-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-12-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-08] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Microsoft Edge Update] => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\MicrosoftEdgeUpdateCore.exe [277048 2025-10-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265000 2025-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24378192 2025-09-16] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41579480 2025-09-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.54\Installer\chrmstp.exe [2025-10-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35A45D80-5F78-4986-BCF4-1C315BE46FD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {76BBF751-47B5-4AF5-A715-E6DBC9BA7D62} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{F05CE0D0-29A6-459A-9988-B1B958CC9540} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {9C0F3D65-0FB9-4462-B5C5-76E61A2B22E8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5676E42E-83BC-4017-B61D-F2569C0E5D42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE0A42B0-3DE2-470D-959F-F5797ED08086} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D47A28B-E6E7-4BEF-8BA2-8485D40AC8AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04E4C331-3FAC-46E4-821E-7E530C0BBD83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C220D288-B989-4AD1-A160-14D40E13FF34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {143FA415-398D-4B67-A72C-44B36D10F765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47517ABE-3A89-4F20-9C0E-412C4085E3FB} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {51836913-F8DB-4088-B56B-1588D612C189} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA0292-089B-4818-8090-11752BF4A6B0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F5CE98CF-A801-4C06-8C34-9E0214F21F95} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3260051251-3003698751-2184876508-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C716E195-8057-47FB-B56F-41552D46CBE2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {325D2C8B-4A3D-477F-974B-4B4AAF2CB6C2} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3260051251-3003698751-2184876508-1001 => C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDriveLauncher.exe [725864 2025-10-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{03e0243e-6962-44b1-81f3-eeee08e9f5bb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cadf30ae-5751-4815-9b4c-5da544af023b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-11]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-09-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-20]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: wecs4sq7.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wecs4sq7.default [2024-11-19]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 [2025-10-16]
FF Homepage: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
FF Extension: (New Tab) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\newtab@mozilla.org.xpi [2025-10-02]
FF Extension: (Advanced Image Search) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{9191eef4-82e8-4da5-81a1-dbba6fc650ea}.xpi [2024-07-07]
FF Extension: (Dark Tranquillity Angels) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{b106e190-78cc-404b-b621-2d37c7769801}.xpi [2024-07-07]
FF Extension: (Data Leak Blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\features\{4b4c5cf6-ce3a-47b1-9488-522277e99195}\data-leak-blocker@mozilla.com.xpi [2025-10-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-09-16]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-09-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-07-01]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-08-26] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [18843472 2025-09-16] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe [2009656 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\NisSrv.exe [4414464 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MsMpEng.exe [282480 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333216 2025-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 LBAI; C:\Windows\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44992 2025-04-10] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32200 2025-04-10] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73152 2025-04-10] (Logitech Inc -> Logitech)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20880 2025-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [627104 2025-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102816 2025-09-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-16 16:33 - 2025-10-16 16:34 - 000020477 _____ C:\Users\Admin\Desktop\FRST.txt
2025-10-16 16:32 - 2025-10-16 16:32 - 002442752 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2025-10-16 10:10 - 2025-10-16 10:10 - 000645477 _____ C:\Users\Admin\Desktop\zápočtový list 2025-10-16_100950.pdf
2025-10-16 10:08 - 2025-10-16 10:08 - 000560265 _____ C:\Users\Admin\Desktop\doklad o výdělku.pdf
2025-10-15 13:43 - 2025-10-16 14:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-10-14 18:14 - 2025-10-14 18:14 - 000181515 _____ C:\Users\Admin\Desktop\zruseni-ve-zd-ze-strany-zamestnance.pdf
2025-10-14 12:48 - 2025-10-14 12:48 - 000000000 ____D C:\Users\Admin\AppData\Local\Backup
2025-10-14 09:13 - 2025-10-14 09:13 - 000001260 _____ C:\Users\Admin\Desktop\cover – zástupce.lnk
2025-10-13 19:22 - 2025-10-13 19:22 - 006942829 _____ C:\Users\Admin\Downloads\Kutnar_Dejepisectvi_RanyStredovek.pdf
2025-10-13 11:25 - 2025-10-13 11:25 - 000998959 _____ C:\Users\Admin\Downloads\podaci_listek-2025-13-10-09-25-31.pdf
2025-10-12 12:38 - 2025-10-12 12:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webová aplikace Firefoxu
2025-10-10 13:56 - 2025-10-10 13:56 - 000415776 _____ C:\Users\Admin\Downloads\Hnilica_Kognitivní a metakognitivní strategie autoregulovaného učení.pdf
2025-10-10 13:55 - 2025-10-10 13:55 - 000618756 _____ C:\Users\Admin\Downloads\Úkol 1_metakognice_zadání.pdf
2025-10-10 08:55 - 2025-10-10 08:55 - 000126191 _____ C:\Users\Admin\Downloads\Faktury_email_Oleška_250991_2025_09.pdf
2025-10-02 18:52 - 2025-10-02 18:52 - 000070415 _____ C:\Users\Admin\Desktop\Směny 20252.xlsx
2025-09-30 16:33 - 2025-09-30 16:34 - 073654029 _____ C:\Users\Admin\Desktop\zasilka-TPKETN2Z33N4ULN8.zip
2025-09-23 15:31 - 2025-09-23 15:31 - 000068540 _____ C:\Users\Admin\Desktop\Směny 2025.xlsx
2025-09-21 21:07 - 2025-09-21 21:07 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2025-09-21 21:05 - 2025-10-03 18:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-09-19 21:28 - 2025-09-25 09:32 - 000000000 ____D C:\Users\Admin\Desktop\aparath singl
2025-09-19 08:08 - 2025-09-19 14:02 - 000012053 _____ C:\Users\Admin\Desktop\Tabulka_XYZ.xlsx
2025-09-17 13:11 - 2025-09-17 13:11 - 000000029 _____ C:\Users\Admin\Desktop\cubase kod.txt
2025-09-17 08:02 - 2025-09-17 08:02 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2025-09-17 08:02 - 2025-09-17 08:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-09-17 08:02 - 2025-09-17 08:02 - 000000000 ____D C:\Program Files\LGHUB

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-16 16:34 - 2024-11-19 18:00 - 000000000 ____D C:\FRST
2025-10-16 16:30 - 2023-12-01 15:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-10-16 16:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-16 15:08 - 2023-11-27 17:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-10-16 14:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-16 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-10-16 14:10 - 2023-11-27 16:21 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2025-10-16 14:10 - 2019-12-07 16:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2025-10-16 14:10 - 2019-12-07 16:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2025-10-16 14:10 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-10-16 14:06 - 2023-12-01 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-10-16 14:06 - 2023-11-27 17:12 - 000008192 ___SH C:\DumpStack.log.tmp
2025-10-16 14:06 - 2023-11-27 17:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-10-16 14:06 - 2023-11-27 16:38 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2025-10-16 14:06 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin
2025-10-16 14:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2025-10-16 13:37 - 2023-12-04 17:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mp3tag
2025-10-16 13:22 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-10-16 06:32 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2025-10-16 06:24 - 2024-04-15 18:53 - 000000000 ____D C:\Users\Admin\AppData\Local\LGHUB
2025-10-15 13:57 - 2023-12-01 15:17 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-10-15 13:57 - 2023-12-01 15:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-10-14 19:40 - 2023-12-01 16:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2025-10-14 18:07 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2025-10-14 12:51 - 2025-02-06 21:59 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:18 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:18 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:16 - 000002424 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-14 12:47 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-10-14 11:33 - 2023-11-27 16:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-10-14 11:33 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2025-10-14 10:42 - 2025-08-07 08:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Silverjuke
2025-10-14 08:39 - 2024-07-10 17:58 - 000000000 ____D C:\Windows\system32\compatrel
2025-10-14 08:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-10-14 08:17 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-10-14 08:16 - 2023-11-27 16:14 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-10-13 20:25 - 2024-01-04 19:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2025-10-13 19:32 - 2023-12-01 16:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2025-10-13 08:43 - 2023-12-01 16:45 - 000000000 ____D C:\ProgramData\TEMP
2025-10-13 07:54 - 2023-11-27 17:12 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-13 07:54 - 2023-11-27 17:12 - 000003514 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-12 09:40 - 2023-12-01 14:39 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A}
2025-10-12 09:40 - 2023-12-01 14:39 - 000003914 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A}
2025-10-11 06:55 - 2023-11-27 17:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-11 06:55 - 2023-11-27 17:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-10 21:22 - 2025-04-28 09:46 - 000000000 ____D C:\Users\Admin\Downloads\Ondra-Destroy!
2025-10-10 10:42 - 2023-11-27 17:12 - 000437848 _____ C:\Windows\system32\FNTCACHE.DAT
2025-10-07 20:40 - 2023-12-26 23:04 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2025-10-06 18:34 - 2024-09-11 09:59 - 000000000 ____D C:\Users\Admin\Downloads\APARATH
2025-10-04 19:47 - 2025-07-01 21:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-04 19:47 - 2025-07-01 21:50 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-09-26 08:13 - 2024-01-26 15:49 - 000012448 _____ C:\Users\Admin\Desktop\Voda.xlsx
2025-09-24 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2025-09-23 07:57 - 2023-12-19 00:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-09-21 21:07 - 2023-12-02 10:52 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2025-09-21 21:06 - 2023-12-01 16:34 - 000000000 ____D C:\Users\Admin\AppData\Roaming\com.adobe.dunamis
2025-09-21 21:06 - 2023-12-01 16:33 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2025-09-21 21:05 - 2024-06-18 11:04 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-09-21 21:04 - 2023-12-01 16:34 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-09-21 20:59 - 2023-12-01 16:33 - 000000000 ____D C:\ProgramData\Adobe
2025-09-18 12:04 - 2023-11-27 17:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-09-18 10:38 - 2024-05-15 08:38 - 000000000 ____D C:\Users\Admin\Downloads\PROG
2025-09-18 09:44 - 2023-12-01 16:34 - 000000000 ____D C:\ProgramData\Package Cache
2025-09-17 08:03 - 2024-04-15 18:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\G HUB
2025-09-17 08:02 - 2025-04-25 13:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\lghub

==================== Files in the root of some directories ========

2023-12-01 17:48 - 2025-09-21 21:00 - 000000820 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log
2024-02-12 23:28 - 2024-02-12 23:28 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Admin (16-10-2025 16:35:29)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.6396 (X64) (2023-11-27 14:14:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3260051251-3003698751-2184876508-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3260051251-3003698751-2184876508-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260051251-3003698751-2184876508-503 - Limited - Disabled)
Guest (S-1-5-21-3260051251-3003698751-2184876508-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3260051251-3003698751-2184876508-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20756 - Adobe)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_3) (Version: 23.3 - Adobe Inc.)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_4_1) (Version: 25.4.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Brother MFL-Pro Suite MFC-J6520DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.0.2 - Poikosoft)
FontLab 8 (64-bit) (HKLM-x32\...\{F7851B69-FE71-44D2-9698-7E9BF5AF390F}_is1) (Version: 8.0 - FontLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.54 - Google LLC)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2025.7.768359 - Logitech)
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.71 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.71 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\OneDriveSetup.exe) (Version: 25.179.0914.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox) (Version: 144.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
Mp3tag v3.31a (HKLM\...\Mp3tag) (Version: 3.31a - Florian Heidenreich)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Navigation Updater (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\{cc421fe9-06b3-474a-809a-80908170203b}) (Version: 2.2.3.8 - HYUNDAI MOTOR GROUP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Silverjuke 16.5.3 (HKLM-x32\...\Silverjuke) (Version: 16.5.3 - Bjoern Petersen Software Design and Development)
TIDAL (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\TIDAL) (Version: 2.36.2 - TIDAL Music AS)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_161.1.1087.0_x64__v10z8vjag6ke6 [2025-08-26] (HP Inc.)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0 [2025-10-08] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2541.3.0_x64__cv1g1gvanyjgm [2025-10-16] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6A49690B-7DB6-424B-81CE-F51078F2A58D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Silverjuke\Silverjuke on the web.lnk -> hxxp://www.silverjuke.net%C:\Program Files (x86)\Silverjuke\vi

==================== Loaded Modules (Whitelisted) =============

2025-06-20 11:09 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2025-06-20 11:09 - 2013-01-07 02:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2024-11-20 11:31 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Ethernet Connection (5) I219-LM -> e1d68x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C7FB50D1-BC78-4825-88D4-3E09FA63E69F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6E10C3A-A21B-408F-9C8F-1B69042A1EC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{540B133E-829B-4D85-BAEE-5BC28B52D6D6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62D4249A-6E78-4F84-9004-21FAE461849E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF74FB05-0D42-45B3-A267-CD31C1F97F82}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FB41EE1-8A74-499A-8265-73ABDB6EC6DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E0C8B92-196C-4E04-B5A2-2CC4897A2AFB}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{DB04B26E-B4DE-495E-B254-F5396EEB2C7F}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{0C3CA86C-FB5C-41D6-8BE5-9E2C01E5A1F0}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{0EC0C7DD-376C-499B-865D-FD3569A107F7}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{615ABAB5-389E-4E92-B1EC-9DE0321A0E74}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{614A2360-1566-428E-AFBC-656D47A9EDB2}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F1E80103-3E86-4AE2-83B6-6F2CAD12FE78}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{85739B14-C9B9-4B42-A9F6-5F146381920D}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F40957CA-C45C-4EA9-82D1-69F4C6AE7DD2}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A36C7630-3F11-4D8B-A669-F45A93CC2AA4}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [TCP Query User{28A5E507-0A58-4EC5-ADA7-B73D962F9A6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{61B900CC-DBF2-4937-9E07-DCF1372A7801}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0FB55194-E415-43DF-87E8-978B391A44F1}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [File not signed]
FirewallRules: [{856D172B-A223-40CC-A00C-2C07400B36E7}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [File not signed]
FirewallRules: [{AFB8E45A-BD81-46C9-A75E-3DCC9C8F9FEA}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\AIRobin.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A664574D-962A-4465-AA2D-04AE4F9CE4F3}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\AIRobin.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{94B394EC-6572-474E-8591-C002F66F9A69}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{D4DD0422-BD0A-40FF-933B-E5EAFD864213}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{134A117D-F910-467F-BBE8-16419B3DBA53}C:\program files (x86)\silverjuke\silverjuke.exe] => (Block) C:\program files (x86)\silverjuke\silverjuke.exe (Björn Petersen Software Design and Development) [File not signed]
FirewallRules: [UDP Query User{654D3EC8-D003-47CE-818E-9506B2B61E10}C:\program files (x86)\silverjuke\silverjuke.exe] => (Block) C:\program files (x86)\silverjuke\silverjuke.exe (Björn Petersen Software Design and Development) [File not signed]
FirewallRules: [{4C05636F-9BEB-4C9D-A5D2-F692F3C0A4A9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4B0491B-6FE5-4D62-8A86-C627A58D5FC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EABE6C08-2F72-44F3-B63D-98549E4C05D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABCE577C-4209-4E1E-AA8C-48CE17DEDBA4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{52938F72-B0B1-4D61-BEE9-A35348BA0F14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{048C098D-0526-4359-A877-8D59494FDD68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5270EF0E-1B87-4E50-A35A-20929358872C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB3C9627-81F1-4717-8F56-5D06551657E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BADCD3B2-1DA9-4B05-9184-BFDA5400419E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B715C0E-0D79-4587-B480-C0CDBD5C2498}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AD315674-AE3A-43DC-BE3A-1553E2A7EB99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7864BF21-9D65-43A8-A8D5-69762B19CA20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A95CF09-07E8-41B8-A983-324FC247B7E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76394BC6-8669-492F-8754-48AC0B019F45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

27-09-2025 17:31:13 Naplánovaný kontrolní bod
06-10-2025 17:30:57 Naplánovaný kontrolní bod
14-10-2025 08:11:59 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/15/2025 08:10:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/14/2025 03:59:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program foobar2000.exe verze 1.4.4.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2a84

Čas spuštění: 01dc3d0d3794af8b

Čas ukončení: 13

Cesta k aplikaci: X:\TECHDAT\jukebox\Program File HDD\foobar2000\foobar2000.exe

ID hlášení: ffe56170-ae78-4676-a11b-4ab8c737c068

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/08/2025 07:17:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/01/2025 08:00:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/24/2025 06:25:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program EXCEL.EXE verze 16.0.4266.1001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d34

Čas spuštění: 01dc2d6fcb026580

Čas ukončení: 16

Cesta k aplikaci: C:\Program Files\Microsoft Office\Office16\EXCEL.EXE

ID hlášení: b22a9f84-11f6-40a2-935f-60b10452ae55

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/24/2025 08:37:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/23/2025 07:57:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdobeCollabSync.exe, verze: 25.1.20693.0, časové razítko: 0x68bdf30f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x81cf5d89
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0x01dc2c4f01b87a76
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 5547249e-ed08-49c8-b615-6980986d9f12
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/19/2025 08:13:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.5794, časové razítko: 0x11bd0919
Název chybujícího modulu: RsProvider.dll, verze: 1.12.0.0, časové razítko: 0x55819a12
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024bda
ID chybujícího procesu: 0x5dc
Čas spuštění chybující aplikace: 0x01dc299108c887f7
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: C:\Analog\Providers\RsProvider.dll
ID zprávy: 9be332ac-2839-4580-9329-f169edb8c291
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/16/2025 02:06:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/16/2025 02:06:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:56:35, ‎16.‎10.‎2025) bylo neočekávané.

Error: (10/15/2025 01:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/15/2025 01:19:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:39:46, ‎15.‎10.‎2025) bylo neočekávané.

Error: (10/14/2025 09:47:21 PM) (Source: DCOM) (EventID: 10010) (User: SUBOTNIKOVA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/14/2025 12:47:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/14/2025 08:40:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/11/2025 10:34:55 PM) (Source: DCOM) (EventID: 10010) (User: SUBOTNIKOVA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2025-10-16 16:27:15
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{A8E89D79-AAF3-402C-8CF5-358D2E7308C2}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъSUBOTNIKOVA\Admin%ⁿ %ţŞťορ Ŗèǻśõп:%вΑвοѓŧ℮ď ъγ τħë ĉĺіэпŧ

Date: 2025-10-16 13:14:09
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{215F9645-ED1B-4AA1-84FB-4D176A6866F7}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вЯΡĊ ¢óņпęçτϊõп гůńđоẁπ

Date: 2025-10-15 12:16:15
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{BCE0B349-BBE2-48C2-B995-BFB5C554C9B6}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вЯΡĊ ¢óņпęçτϊõп гůńđоẁπ

Date: 2025-10-13 12:20:00
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{9AC7B08F-ADBB-437D-A66A-02B56DCA9341}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вŠĉђэδџŀêđ śĉąŋ щªѕ ŝќïрρęđ ъęćâџŝĕ ţħĕ ℓάšť ѕµ¢¢ëšśƒùļ ѕсǻπ ẃāš ẅīтђĭń τћз ļàśť 7 δαýŝ

Date: 2025-10-12 12:47:16
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{048EEDD6-8658-4300-927C-D29316B55CAC}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вŠĉђэδџŀêđ śĉąŋ щªѕ ŝќïрρęđ ъęćâџŝĕ ţħĕ ℓάšť ѕµ¢¢ëšśƒùļ ѕсǻπ ẃāš ẅīтђĭń τћз ļàśť 7 δαýŝ
Event[0]:

Date: 2025-06-05 08:00:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.429.327.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25040.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2025-04-23 09:24:00
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.427.361.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25030.1
Kód chyby: 0x8024402c
Popis chyby: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2025-04-01 07:52:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M1BKT39A 06/21/2018
Motherboard: LENOVO 3110
Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 53%
Total physical RAM: 8085.54 MB
Available physical RAM: 3744.67 MB
Total Virtual: 9365.54 MB
Available Virtual: 4998.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.85 GB) (Free:33.35 GB) (Model: SAMSUNG MZVLB256HAHQ-000L7) NTFS

\\?\Volume{8144f54e-3bbb-42c6-83fd-da2c9438b167}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{d2e7f574-4665-4502-9997-dfa479443cd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4596D9D7)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[darkane]

# -------------------------------
# Malwarebytes AdwCleaner 8.6.0.613
# -------------------------------
# Build: 08-19-2025
# Database: 2025-08-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2025
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.6396)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1422 octets] - [16/10/2025 17:33:24]
AdwCleaner[S01].txt - [1483 octets] - [16/10/2025 17:34:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[darkane]

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Admin (16-10-2025 17:59:49) Run:5
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

EmptyTemp:
End
*****************

Processes closed successfully.
"FF Notifications:" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6} => removed successfully
C:\ProgramData\TEMP => ":8934AEBA" ADS removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1342326911 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 35143237 B
Edge => 0 B
Chrome => 341362125 B
Firefox => 1694976256 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 87550718 B
systemprofile32 => 87550718 B
LocalService => 87550718 B
NetworkService => 87717510 B
Admin => 414385016 B

RecycleBin => 6307951 B
EmptyTemp: => 3.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-10-2025 18:10:36)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:10:36 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[darkane]

Vypadá to, že je vše v pořádku. Mockrát děkuji za pomoc.
Ještě otázečka dal by se tento fix použít, kdyby se mi to stalo znovu.
Ještě jednou děkuji

[Rudy]

Samozřejmě dal, ale musí tam být obsaženy autentické položky, které se budou v daném případě v PC vyskytovat. jinak řečeno - musí být sestaven zcela nový mazací skript. Skript je stále stejny (má stejné schéma, jen položky mohou být jiné). Nemáte zač!