Dobrý den, malware ujoGkYIfe přejmenoval všechny soubory v počítači (obnoveno ze zálohy onedrive), po nainstalování avastu jej avast hodil do karantény. Ale nevím co ještě jiného za havěť je v tomto počítači. Prosím o kontrolu. Moc Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by hojda (administrator) on HOJDA (Dell Inc. OptiPlex 3000) (25-11-2025 08:31:36)
Running from C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\FRST64.exe
Loaded Profiles: hojda
Platform: Microsoft Windows 11 Pro Version 24H2 26100.7171 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\Dell Remediation\Dell.Remediation.Agent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel(R) Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\PresentMonService.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_helper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_246e3e0cc5d717fa\WavesSvc64.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (CANON INC. -> CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (eWay System s.r.o. -> eWay System s.r.o.) C:\Program Files\eWay-CRM\UpdateService.exe
(services.exe ->) (Gen Digital Inc. -> Avast Software) C:\Program Files\AVAST Software\Business Agent\agentsvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\bcc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\bccavsvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_dcf933055667780a\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_cde08185192dc86d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_abf9ff9884812579\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncHelper.exe
(services.exe ->) (Monet+, a.s. -> Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe <3>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_246e3e0cc5d717fa\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_246e3e0cc5d717fa\WavesSysSvc64.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.168.2.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AppActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spool\tools\PrintBrmEngine.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_434f4faf6aa034b3\RtkAudUService64.exe [2389992 2024-12-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_246e3e0cc5d717fa\WavesSvc64.exe [5077600 2023-01-04] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [845992 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742504 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742504 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3634511839-436998161-1618319399-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\test\AppData\Local\Microsoft\Teams\Update.exe [2583584 2025-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3634511839-436998161-1618319399-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742504 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41613784 2025-11-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\Run: [Teams] => C:\Users\MilošHojda\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams.exe [0 0] () [symlink -> ]
HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742504 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [666624 2022-01-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\WINDOWS\system32\CNAS0MPK.DLL [1804288 2021-06-30] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON L6460 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBY5E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [ForensiT-Migrate-AppxPackage] -> C:\WINDOWS\upwpm2.exe [2022-06-20] (ForensiT Limited -> ForensiT Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\142.0.7444.176\Installer\chrmstp.exe [2025-11-19] (Google LLC -> Google LLC)
IFEO\mpcmdrun.exe: [Debugger] C:\WINDOWS\System32\systray.exe
BootExecute: autocheck autochk * aswBoot.exe /file:bccbts.ini /L:"1029" /IA:0 /KBD:1 /dir:"C:\Program Files\Avast Software\Avast"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3E6C6262-DFC8-4E18-B4A1-977BF6E15B14} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {C61F9722-694F-4BC0-B1C0-85CE004BBCD7} - System32\Tasks\Avast Business Watchdog => C:\Program Files\AVAST Software\Business Agent\watchdog.exe [8786144 2025-10-14] (Gen Digital Inc. -> Avast Software)
Task: {A3D6BAC8-FD7F-4076-9CEB-AC2097EDF567} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5573800 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {3718B14A-0CC6-4080-B161-11D922131965} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {365CB4F9-1F3A-41DE-ADBB-E1CF79A18320} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [1260184 2025-09-12] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {80735A34-88BD-41AC-93DD-2F35DCDFB728} - System32\Tasks\EPSON L6460 Series Update {36B99AB1-197F-41BB-826B-44A5370F2FE9} => C:\Windows\System32\spool\drivers\x64\3\E_YTSY5E.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {C0A398A4-2B94-4947-889F-BF1C1ED4A91E} - System32\Tasks\eWay-CRM => C:\Program Files\eWay-CRM\eWayAgent.exe [68488 2025-01-07] (eWay System s.r.o. -> eWay System s.r.o.)
Task: {A8095E27-26DB-40E5-A9DF-45FFAC9D54E7} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{3D9B4A91-27AD-4EF0-887B-23A963DC673E} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {447C76A9-3A0D-4E76-9B65-1CD78F16074C} - System32\Tasks\KB-datove-vypisy => C:\Program Files (x86)\Primy kanal\stazeni-datoveho-vypisu.bat [31 2022-12-21] () [File not signed]
Task: {AF036BA5-A4E9-4CE3-99F2-96DD09DDC04F} - System32\Tasks\KB-tistene-pdf => C:\Program Files (x86)\Primy kanal\stazeni-pdf-vypisu.bat [40 2022-12-21] () [File not signed]
Task: {29720AEA-969C-4BCA-8862-F89C13B4D237} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16961360 2025-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C1E3F7F-510F-4389-AE17-500FF5689889} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29178296 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D833E17-305E-46F8-B86A-C8FBC68BA378} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [70488 2025-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEA9B6BC-651F-478D-8174-7E069C24F9A2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29178296 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6ECA387C-5F58-4DDB-8600-E257CD740322} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316696 2025-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B88C4B49-2371-4D0B-A19E-37A4810EFD2B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [316696 2025-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9651A0BF-CB60-4F41-AAF1-70325306FBE3} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1365280 2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B8CEEC0-C913-4FED-88C7-CB4E0D8FA5DC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [86016 2025-11-12] (Microsoft Windows -> Microsoft Corporation)
Task: {DF223887-2860-4040-AE92-6AA089EB0E60} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [86016 2025-11-12] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {6EBF5C0D-D18D-4F42-903A-AE41645ED61B} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4380008 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BCF4A24-2845-4280-9D41-5525C33CB183} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3634511839-436998161-1618319399-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4380008 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D48FD76C-3F0C-46BC-82C2-C29F999048EB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-860714411-3476244459-1309197597-1126 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4380008 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {51038D47-A67F-49C0-88A8-5143E0940081} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-860714411-3476244459-1309197597-1143 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4380008 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {51ED85FD-DB86-4291-8F96-E76B87C3ED3C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3634511839-436998161-1618319399-1002 => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\OneDriveLauncher.exe [727440 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F72711EA-E863-4CA1-972F-5AA5A70D706A} - System32\Tasks\OneDrive Startup Task-S-1-5-21-860714411-3476244459-1309197597-1126 => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\OneDriveLauncher.exe [727440 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF6CA8A1-6859-48D4-A864-FFB37957E619} - System32\Tasks\OneDrive Startup Task-S-1-5-21-860714411-3476244459-1309197597-1143 => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\OneDriveLauncher.exe [727440 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6A64256-0899-4888-A949-831C63553CD3} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-3634511839-436998161-1618319399-1002 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4771960 2025-11-19] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4AE850C6-114A-4F2E-91DF-F97ED40D1571} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-860714411-3476244459-1309197597-1126 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4771960 2025-11-19] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {08CAAE37-6BA6-412F-ADDE-A5CD6E4770A5} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-860714411-3476244459-1309197597-1143 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4771960 2025-11-19] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {9DC55C16-7365-43EF-AD90-66E8CAFDF5E8} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-11-19] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {24AC7FA9-CED7-427A-953A-E335FC87CCD4} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9173216 2025-11-14] (Gen Digital Inc. -> Gen Digital Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON L6460 Series Update {36B99AB1-197F-41BB-826B-44A5370F2FE9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSY5E.EXE:/EXE:{36B99AB1-197F-41BB-826B-44A5370F2FE9} /F:UpdateAGS\HOJDA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{e80bc943-b9f6-4f42-a84b-5333aa4826b2}: [NameServer] 192.168.2.48,8.8.8.8
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default [2025-11-25]
Edge Notifications: Default -> hxxps://www.eurosport.com
Edge Extension: (Avast Online Security & Privacy) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2025-09-25]
Edge Extension: (Dokumenty Google offline) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-31]
Edge Extension: (HP Dynamic Audio) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iahgjpkfebmcdcaifedofgakoancmoli [2023-01-27]
Edge Extension: (Edge relevant text changes) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\koefoniljlakompjaegmdiemdajkhccp [2023-06-26]
Edge Extension: (Cryptoplus KB - podepisovací modul) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ldildmkoeoicfkknedfdpjmgjmpkpooc [2022-06-19]
Edge Extension: (Komponenta pro aplikaci MEP) - C:\Users\MilošHojda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\obehacdnjblkaifidpkgcnhhdfhjkmih [2023-07-24]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-11-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-860714411-3476244459-1309197597-1143: @kb-ext.cz/PKIComponent -> C:\Users\MilošHojda\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2022-07-12] (KOMERCNI BANKA A.S. -> Komerční banka, a.s.)
FF Plugin HKU\S-1-5-21-860714411-3476244459-1309197597-1143: @servis24.cz/PKIComponent -> C:\Users\MilošHojda\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2025-01-14] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-860714411-3476244459-1309197597-1143: @servis24.cz/PKIComponent-x64 -> C:\Users\MilošHojda\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2022-01-26] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
Chrome:
=======
CHR Profile: C:\Users\MilošHojda\AppData\Local\Google\Chrome\User Data\Default [2024-05-16]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\MilošHojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-02-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MilošHojda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-02]
CHR HKU\S-1-5-21-3634511839-436998161-1618319399-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-860714411-3476244459-1309197597-1143\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R2 aswBcc; C:\Program Files\Avast Software\Avast\bcc.exe [1864360 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7785640 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R2 Avast Business Console Client Antivirus Service; C:\Program Files\Avast Software\Avast\bccavsvc.exe [9363112 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1036456 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2598568 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1089704 2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2025-11-24] (Avast Software s.r.o. -> AVAST Software)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4482400 2022-01-11] (CANON INC. -> CANON INC.)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28256888 2025-11-19] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13366624 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 ClientManager; C:\Program Files\AVAST Software\Business Agent\agentsvc.exe [1559264 2025-10-14] (Gen Digital Inc. -> Avast Software)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59160 2025-08-29] (Dell Technologies Inc. -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22240 2024-09-26] (Dell Technologies Inc. -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49952 2025-09-10] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153288 2025-07-03] (Dell Technologies Inc. -> Dell)
R2 eWayUpdateService; C:\Program Files\eWay-CRM\UpdateService.exe [58240 2025-01-07] (eWay System s.r.o. -> eWay System s.r.o.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncHelper.exe [3608936 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_c25dbc60ad3b371a\lib\PlatformLicenseManagerService.exe [742904 2024-08-07] (Intel Corporation -> Intel(R) Corporation)
R2 IntelGraphicsSoftwareService; C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt\VFS\ProgramFilesX64\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [300544 2025-11-20] (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_uf.exe [3115592 2025-05-16] (Intel Corporation -> Intel Corporation)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe [2026184 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.209.1026.0002\OneDriveUpdaterService.exe [3891560 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [162456 2025-09-12] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [25764712 2025-10-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WavesAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo11de.inf_amd64_246e3e0cc5d717fa\WavesAudioService.exe [160896 2023-01-04] (Waves Inc -> Waves Audio Ltd)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe [4414480 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe [282440 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2021-07-12] (Monet+, a.s. -> Monet+, a.s.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [244832 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390752 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [299616 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [85600 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-11-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [29792 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [284768 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [574048 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [92232 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71240 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [876104 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1282632 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [201824 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [391776 2025-11-24] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-03-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-03-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-03-05] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [35896 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 GemCCID; C:\WINDOWS\System32\DriverStore\FileRepository\gemccid.inf_amd64_526ec61d10ad09ec\GemCCID.sys [163032 2025-03-25] (Thales DIS CPL USA, Inc. -> Gemalto)
S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_47dea9773e9dfab7\GSCAuxDriverx64.sys [78904 2021-11-04] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_1027aa064fe1f3f7\TeeDriverGSCW8x64.sys [258096 2021-11-04] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-30] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_778b19a5f4d49cba\iaLPSS2_I2C_ADL.sys [202896 2021-07-30] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_adl.inf_amd64_64a15de23309ff40\iaLPSS2_SPI_ADL.sys [160920 2021-07-30] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_d2f51baade1b0161\iaLPSS2_UART2_ADL.sys [318624 2021-07-30] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1623632 2024-12-16] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_19ceb7ce67a7cf8b\gna.sys [87208 2021-09-17] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_c6eee0207705bc06\ipf_acpi.sys [90184 2025-05-16] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_cpu.sys [89672 2025-05-16] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_049e38a37c46edc4\ipf_lf.sys [504912 2025-05-16] (Intel Corporation -> Intel Corporation)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Lite\Drivers\npf64.sys [36600 2018-04-26] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 PRI-Driver; C:\WINDOWS\System32\DriverStore\FileRepository\socthermalprovider_sw.inf_amd64_d8d2967b40ed3b12\Intel(R) PRI Driver\PRI-Driver.sys [297080 2024-11-04] (Intel Corporation -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20904 2025-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [629168 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R3 WiManHu; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_ed5a224638687261\WiManHu\WiManHu.sys [217400 2024-08-12] (Intel Corporation -> Intel Corporation)
S3 IntelTACD; \??\C:\Windows\System32\drivers\IntelTACD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-11-25 08:31 - 2025-11-25 08:32 - 000037690 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\FRST.txt
2025-11-25 08:31 - 2025-11-25 08:31 - 000713236 _____ C:\WINDOWS\system32\perfh005.dat
2025-11-25 08:31 - 2025-11-25 08:31 - 000153434 _____ C:\WINDOWS\system32\perfc005.dat
2025-11-25 08:31 - 2025-11-25 08:31 - 000000000 ____D C:\FRST
2025-11-25 08:29 - 2025-11-25 08:29 - 002444288 _____ (Farbar) C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\FRST64.exe
2025-11-24 10:08 - 2025-11-24 10:08 - 000043631 _____ C:\Users\MilošHojda\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28
2025-11-24 10:08 - 2025-11-24 10:08 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7
2025-11-24 10:04 - 2025-11-24 10:04 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\Avast Software
2025-11-24 10:03 - 2025-11-24 10:03 - 000322216 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-11-24 10:03 - 2025-11-24 10:03 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Business Security.lnk
2025-11-24 10:03 - 2025-11-24 10:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-11-24 10:03 - 2025-11-24 10:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2025-11-24 10:02 - 2025-11-25 08:23 - 000003618 _____ C:\WINDOWS\system32\Tasks\Avast Business Watchdog
2025-11-24 06:57 - 2025-11-24 10:06 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\XenoManager
2025-11-23 06:34 - 2025-11-24 06:57 - 000000000 ____D C:\Users\test\AppData\Local\CrashDumps
2025-11-23 06:34 - 2025-11-23 06:34 - 000043617 _____ C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28
2025-11-23 06:34 - 2025-11-23 06:34 - 000000026 _____ C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7
2025-11-23 05:31 - 2025-11-24 06:57 - 000006194 _____ C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe
2025-11-23 05:31 - 2025-11-24 06:57 - 000000885 _____ C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt
2025-11-23 05:31 - 2025-11-24 06:57 - 000000885 _____ C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt
2025-11-23 05:31 - 2025-11-24 06:57 - 000000885 _____ C:\Users\hojda\ujoGkYIfe.README.txt
2025-11-23 05:31 - 2025-11-24 06:57 - 000000885 _____ C:\Users\dhojda\ujoGkYIfe.README.txt
2025-11-23 05:31 - 2025-11-24 06:57 - 000000328 _____ C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe
2025-11-23 05:30 - 2025-11-23 05:30 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Office
2025-11-23 05:30 - 2025-11-23 05:30 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\AddIns
2025-11-23 05:29 - 2025-11-24 06:57 - 000014374 _____ C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\Downloads\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\AppData\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\test\AppData\Local\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\Users\MilošHojda\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000885 _____ C:\ujoGkYIfe.README.txt
2025-11-23 05:29 - 2025-11-24 06:57 - 000000324 _____ C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe
2025-11-23 05:29 - 2025-11-23 05:29 - 000005883 _____ C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa
2025-11-23 05:29 - 2025-11-23 05:29 - 000003492 __RSH C:\ProgramData\ntuser.pol
2025-11-23 05:29 - 2025-11-23 05:29 - 000000026 _____ C:\Users\test\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab
2025-11-21 09:03 - 2025-11-24 15:31 - 019534611 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\2vinobraní 2023.mp4
2025-11-21 09:03 - 2025-11-24 15:31 - 000255488 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Spotreba 2002-2019.xls
2025-11-21 09:03 - 2025-11-24 15:31 - 000069551 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\DOC-20250926-WA0002
2025-11-21 09:03 - 2025-11-24 15:31 - 000000049 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\OnePlay.url
2025-11-21 09:03 - 2025-11-24 15:31 - 000000046 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\O2 TV 2.0.url
2025-11-21 08:55 - 2025-11-21 08:55 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2025-11-20 14:03 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\PeerDistRepub
2025-11-20 10:24 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\.eWay-CRM
2025-11-20 10:20 - 2025-11-23 05:29 - 000002562 ____N C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe
2025-11-20 09:58 - 2025-11-20 09:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-860714411-3476244459-1309197597-1143
2025-11-20 09:58 - 2025-11-20 09:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-860714411-3476244459-1309197597-1126
2025-11-20 09:58 - 2025-11-20 09:59 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3634511839-436998161-1618319399-1002
2025-11-20 09:58 - 2025-11-20 09:59 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-860714411-3476244459-1309197597-1143
2025-11-20 09:58 - 2025-11-20 09:59 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-860714411-3476244459-1309197597-1126
2025-11-20 09:58 - 2025-11-20 09:59 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3634511839-436998161-1618319399-1002
2025-11-20 09:58 - 2025-11-20 09:59 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-11-20 09:58 - 2025-11-20 09:59 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-11-20 09:45 - 2025-11-20 10:00 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a
2025-11-20 09:45 - 2025-11-20 09:45 - 000014080 _____ C:\Users\MilošHojda\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff
2025-11-18 14:38 - 2025-11-24 13:02 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-11-18 08:56 - 2025-11-18 08:56 - 000189907 _____ C:\Users\MilošHojda\Downloads\priloha_1605944944_0_VypisROS.pdf
2025-11-18 08:51 - 2025-11-18 08:51 - 000047940 _____ C:\Users\MilošHojda\Downloads\0000000005304492_20251117_X_252_000_D_C.pdf
2025-11-18 07:08 - 2025-11-18 07:08 - 000061124 _____ C:\Users\MilošHojda\Downloads\17104471_20251117.pdf
2025-11-18 00:45 - 2025-11-23 05:29 - 000058942 ____N C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
2025-11-18 00:45 - 2025-11-23 05:29 - 000000431 ____N C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
2025-11-18 00:39 - 2025-11-24 06:57 - 000006174 _____ C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
2025-11-18 00:39 - 2025-11-24 06:57 - 000000428 _____ C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
2025-11-18 00:39 - 2025-11-23 05:29 - 000008410 ____N C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
2025-11-18 00:39 - 2025-11-23 05:29 - 000000328 ____N C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Roaming\com.adobe.dunamis
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\LocalLow\Temp
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\LocalLow\Adobe
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\SolidDocuments
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\Adobe
2025-11-18 00:10 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\.ms-ad
2025-11-18 00:03 - 2025-11-24 06:57 - 000039733 _____ C:\Users\test\AppData\LocalLow\cde4f7db03a52f0e3d59fe111b7b597d56ef2ee3cc2d9b07d0a1ed4f4d4e2603.ujoGkYIfe
2025-11-18 00:03 - 2025-11-24 06:57 - 000000428 _____ C:\Users\test\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be.ujoGkYIfe
2025-11-17 23:58 - 2025-11-23 05:29 - 000006184 ____N C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa.ujoGkYIfe
2025-11-17 23:58 - 2025-11-23 05:29 - 000002560 ____N C:\Users\test\AppData\LocalLow\775ff28f803d8553714dced1809ef89654e4f79841198d0d54dc5da1f823d913.ujoGkYIfe
2025-11-17 23:58 - 2025-11-23 05:29 - 000000322 ____N C:\Users\test\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab.ujoGkYIfe
2025-11-17 23:58 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Roaming\CCleaner
2025-11-17 23:58 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\VirtualStore
2025-11-17 23:58 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\Google
2025-11-17 23:58 - 2025-11-23 05:29 - 000000000 ____D C:\Users\test\AppData\Local\Comms
2025-11-17 23:58 - 2025-11-17 23:58 - 000001821 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MaxxAudio Pro by Waves - Ovládání zvuku reproduktorů a mikrofonů a Nx 3D zvuk.lnk
2025-11-17 23:58 - 2025-11-17 23:58 - 000000020 ___SH C:\Users\test\ntuser.ini
2025-11-14 08:49 - 2025-11-14 08:49 - 000000000 ____D C:\ProgramData\Whesvc
2025-11-12 04:09 - 2025-11-12 04:09 - 000079894 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-11-12 04:09 - 2025-11-12 04:09 - 000079894 _____ C:\WINDOWS\system32\ctac.json
2025-11-12 04:09 - 2025-11-12 04:09 - 000035082 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-11-12 04:09 - 2025-11-12 04:09 - 000035082 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-11-05 11:05 - 2025-11-05 11:05 - 000000026 _____ C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e
2025-11-03 08:48 - 2025-11-03 08:48 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-10-31 22:58 - 2025-10-31 22:58 - 000000000 _____ C:\WINDOWS\invcol.tmp
2025-10-30 12:42 - 2025-10-30 12:42 - 000052743 _____ C:\Users\MilošHojda\Downloads\0000000010516772_20250930_X_032_000_D_C.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-11-25 08:32 - 2022-06-19 13:10 - 000000000 ____D C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\RENČA
2025-11-25 08:32 - 2022-06-19 13:10 - 000000000 ____D C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Klub 1
2025-11-25 08:32 - 2022-06-19 13:09 - 000000000 ____D C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\soubor souborů
2025-11-25 08:31 - 2025-03-06 12:56 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-11-25 08:31 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-11-25 08:31 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-11-25 08:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-11-25 08:28 - 2025-09-02 10:51 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0
2025-11-25 08:26 - 2024-01-04 07:34 - 000000000 ____D C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\A.G.2024
2025-11-25 08:26 - 2022-06-19 13:10 - 000000000 ____D C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\PinnacleStudio22
2025-11-25 08:26 - 2022-06-19 13:09 - 000000000 ___RD C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o
2025-11-25 08:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-11-25 08:25 - 2022-06-19 13:19 - 000000000 ____D C:\Users\MilošHojda\AppData\Local\SquirrelTemp
2025-11-25 08:25 - 2022-05-28 00:16 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2025-11-25 08:24 - 2022-06-19 14:29 - 000000000 ____D C:\Users\MilošHojda\AppData\Local\CrashDumps
2025-11-25 08:23 - 2025-03-06 12:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-11-25 08:23 - 2025-03-06 12:52 - 000008176 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-11-25 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-11-25 08:23 - 2024-04-01 08:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-11-25 08:23 - 2022-06-20 07:19 - 000000104 _____ C:\WINDOWS\system32\config\netlogon.ftl
2025-11-25 08:23 - 2022-06-19 20:21 - 000000000 ____D C:\Program Files\TeamViewer
2025-11-25 08:23 - 2022-06-19 13:30 - 000000000 ____D C:\ProgramData\AVAST Software
2025-11-25 08:23 - 2022-05-28 00:13 - 000012288 ___SH C:\DumpStack.log.tmp
2025-11-24 12:56 - 2025-03-06 12:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-11-24 10:07 - 2025-03-06 23:00 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-11-24 10:07 - 2025-03-05 23:21 - 000000000 ____D C:\Users\MilošHojda
2025-11-24 10:04 - 2022-06-19 13:30 - 000000000 ____D C:\Program Files\AVAST Software
2025-11-24 10:04 - 2022-06-19 13:30 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2025-11-24 10:03 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-11-24 10:03 - 2022-06-19 14:48 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\Microsoft\Excel
2025-11-24 07:18 - 2022-06-19 13:03 - 000000000 ____D C:\Users\MilošHojda\AppData\Local\D3DSCache
2025-11-24 06:59 - 2025-03-06 12:54 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-11-24 06:59 - 2025-03-06 12:54 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-11-24 06:57 - 2025-03-05 23:21 - 000000000 ____D C:\Users\test
2025-11-24 06:57 - 2022-05-28 00:13 - 000012533 _____ C:\DumpStack.log.ujoGkYIfe
2025-11-24 06:55 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-11-24 06:55 - 2022-06-19 13:03 - 000000000 ____D C:\Users\MilošHojda\AppData\Local\Packages
2025-11-23 05:31 - 2025-06-19 08:58 - 000000000 ____D C:\Users\MilošHojda\iVMS-4200alarmPicture
2025-11-23 05:31 - 2025-06-19 08:58 - 000000000 ____D C:\SadpLog
2025-11-23 05:31 - 2025-04-09 21:29 - 000000000 ____D C:\inetpub
2025-11-23 05:31 - 2025-03-05 23:21 - 000000000 ____D C:\Users\dhojda
2025-11-23 05:31 - 2025-01-02 07:34 - 000000000 ___HD C:\$AV_ASW
2025-11-23 05:31 - 2024-07-25 07:40 - 000000000 ____D C:\Users\MilošHojda
2025-11-23 05:31 - 2024-07-08 10:37 - 000000000 ____D C:\Users\MilošHojda\.eWay-CRM
2025-11-23 05:31 - 2022-06-30 08:46 - 000000000 ____D C:\Users\MilošHojda\.ms-ad
2025-11-23 05:31 - 2022-06-20 07:20 - 000000000 ____D C:\Users\hojda
2025-11-23 05:31 - 2022-06-20 06:49 - 000000000 ____D C:\profwiz
2025-11-23 05:31 - 2022-06-19 14:55 - 000000000 ____D C:\LocalStorage
2025-11-23 05:31 - 2022-06-19 14:53 - 000000000 ____D C:\OEM_Snpashot
2025-11-23 05:31 - 2022-06-19 13:09 - 000000000 ___HD C:\OneDriveTemp
2025-11-23 05:31 - 2022-06-19 13:08 - 000000000 ___RD C:\Users\MilošHojda\OneDrive
2025-11-23 05:31 - 2022-05-28 01:06 - 000000000 ____D C:\e-logo
2025-11-23 05:31 - 2021-06-24 17:23 - 000000000 ____D C:\Dell
2025-11-23 05:30 - 2025-01-28 14:05 - 000001065 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\BC31.tmp.txt
2025-11-23 05:30 - 2023-08-01 13:25 - 000001515 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Pohled_1_8_2023 banka.csv
2025-11-23 05:30 - 2023-04-20 05:56 - 000000301 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Zavlaha.url
2025-11-23 05:30 - 2022-06-19 13:10 - 000021929 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\viewer.html
2025-11-23 05:30 - 2022-06-19 13:10 - 000001363 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Osobní kontakty utf.csv
2025-11-23 05:30 - 2022-06-19 13:10 - 000001290 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Osobní kontakty.csv
2025-11-23 05:30 - 2022-06-19 13:10 - 000000293 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Facebook.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000231188 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Šablona pohledávky - Pohledavky_1.15.2.xls
2025-11-23 05:30 - 2022-06-19 13:09 - 000000473 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Kurzy devizového trhu - Česká národní banka.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000438 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Vybrané devizové kurzy - grafy - Česká národní banka.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000437 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Česká Spořitelna.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000410 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Počet vzorků ZOL Chotěšov - Tabulky Google.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000398 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\MojeBanka Business.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000392 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\MojeBanka.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000389 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\Kalendář kde je vše.url
2025-11-23 05:30 - 2022-06-19 13:09 - 000000287 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha\FIO.url
2025-11-23 05:29 - 2024-09-09 08:13 - 312213782 ____N C:\Users\MilošHojda\eWay_hojda@agservice.cz_4b912fbc.mdf.ujoGkYIfe
2025-11-23 05:29 - 2024-07-08 10:39 - 050594070 ____N C:\Users\MilošHojda\eWay_hojda@agservice.cz_e43625d9.mdf.ujoGkYIfe
2025-11-23 05:29 - 2022-06-20 07:17 - 000000000 ____D C:\Users\test\AppData\Local\CEF
2025-11-23 05:29 - 2022-06-20 07:16 - 000000000 ____D C:\Users\test\AppData\Roaming\Teams
2025-11-23 05:29 - 2022-06-20 07:16 - 000000000 ____D C:\Users\test\AppData\Local\SquirrelTemp
2025-11-23 05:29 - 2022-06-20 07:16 - 000000000 ____D C:\Users\test\AppData\Local\Publishers
2025-11-23 05:29 - 2022-06-20 07:16 - 000000000 ____D C:\Users\test\AppData\Local\PlaceholderTileLogoFolder
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ___RD C:\Users\test\OneDrive
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ____D C:\Users\test\AppData\Roaming\Adobe
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ____D C:\Users\test\AppData\Local\TeamViewer
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ____D C:\Users\test\AppData\Local\Packages
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ____D C:\Users\test\AppData\Local\D3DSCache
2025-11-23 05:29 - 2022-06-20 07:15 - 000000000 ____D C:\Users\test\AppData\Local\ConnectedDevicesPlatform
2025-11-23 05:29 - 2022-06-19 14:45 - 000000292 ____N C:\DebugTraceAP.log.ujoGkYIfe
2025-11-23 05:29 - 2022-05-28 01:12 - 000027083 ____N C:\dell.sdr.ujoGkYIfe
2025-11-23 05:29 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2025-11-23 05:28 - 2024-04-01 08:26 - 000000000 ____D C:\PerfLogs
2025-11-23 05:27 - 2022-06-20 07:16 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Teams
2025-11-23 04:54 - 2022-05-28 00:16 - 000000000 ____D C:\Program Files\Microsoft Office
2025-11-22 14:01 - 2022-05-28 00:14 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-21 14:00 - 2022-06-20 08:22 - 000000000 ____D C:\ProgramData\ActiveBackupforBusinessAgent
2025-11-21 12:15 - 2025-09-02 10:51 - 000444721 _____ C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539
2025-11-21 09:21 - 2022-06-20 07:17 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-11-21 00:34 - 2022-10-12 11:06 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-11-20 10:02 - 2022-06-19 13:15 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\Microsoft\Word
2025-11-20 09:58 - 2022-06-20 07:21 - 000000000 ___RD C:\Users\dhojda\OneDrive
2025-11-20 09:58 - 2022-06-19 13:17 - 000000000 ___RD C:\Users\Default\OneDrive
2025-11-20 09:58 - 2022-05-28 00:23 - 000000000 ____D C:\ProgramData\Packages
2025-11-20 09:51 - 2022-09-08 10:43 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\Microsoft\MMC
2025-11-20 09:50 - 2025-03-05 23:21 - 000000000 ____D C:\Users\MilošHojda\AppData\Roaming\Microsoft\Windows
2025-11-20 08:39 - 2025-08-28 07:16 - 001029415 _____ C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630
2025-11-20 00:49 - 2023-01-26 11:16 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-11-18 14:16 - 2025-08-27 12:16 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98
2025-11-18 10:24 - 2025-08-28 07:16 - 000000802 _____ C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815
2025-11-18 09:37 - 2025-10-02 07:51 - 000090053 _____ C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e
2025-11-18 09:10 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-11-18 09:10 - 2022-05-28 00:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-11-18 00:41 - 2024-04-01 08:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-11-18 00:40 - 2022-06-19 13:17 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2025-11-18 00:24 - 2022-06-20 07:16 - 000002361 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2025-11-17 23:58 - 2025-03-05 23:21 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows
2025-11-17 23:58 - 2025-03-05 23:21 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Spelling
2025-11-17 23:58 - 2022-05-28 00:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-11-14 07:37 - 2025-10-17 07:36 - 000056128 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-11-14 06:42 - 2025-10-16 07:17 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab
2025-11-13 17:15 - 2025-08-26 13:23 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f
2025-11-13 17:15 - 2025-08-25 09:59 - 000000130 _____ C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be
2025-11-12 12:30 - 2025-03-06 12:51 - 000472584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-11-12 12:29 - 2025-07-08 21:29 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-11-12 12:29 - 2025-03-05 23:12 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2025-11-12 12:29 - 2025-03-05 23:12 - 000000000 ____D C:\WINDOWS\system32\cs
2025-11-12 12:29 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-11-12 12:29 - 2024-04-01 09:03 - 000000000 ____D C:\WINDOWS\InboxApps
2025-11-12 12:29 - 2024-04-01 09:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-11-12 12:29 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-11-12 04:09 - 2025-03-06 12:52 - 003277824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-11-12 04:06 - 2022-06-19 13:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-11-12 04:04 - 2022-06-19 13:15 - 215625816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-11-06 18:54 - 2022-06-19 13:10 - 000002446 _____ C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Dokumenty\Default.rdp
==================== Files in the root of some directories ========
2022-06-20 07:16 - 2022-06-20 07:21 - 000893264 _____ (ForensiT Limited) C:\ProgramData\UserProfileMigrationService.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by hojda (25-11-2025 08:33:08)
Running from C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha
Microsoft Windows 11 Pro Version 24H2 26100.7171 (X64) (2025-03-06 11:54:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3634511839-436998161-1618319399-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3634511839-436998161-1618319399-503 - Limited - Disabled)
Guest (S-1-5-21-3634511839-436998161-1618319399-501 - Limited - Disabled)
test (S-1-5-21-3634511839-436998161-1618319399-1002 - Administrator - Enabled) => C:\Users\test
WDAGUtilityAccount (S-1-5-21-3634511839-436998161-1618319399-504 - Limited - Disabled)
ATTENTION: Domain
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20937 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.19328.20244 - Microsoft Corporation)
Aplikacje Microsoft 365 dla firm - pl-pl (HKLM\...\O365BusinessRetail - pl-pl) (Version: 16.0.19328.20244 - Microsoft Corporation)
AUTOPLAN 2014 RE4 (HKLM-x32\...\AUTOPLAN_is1) (Version: - KROB software s.r.o.)
Avast Business (HKLM\...\Avast Business) (Version: 25.4.2757 - Avast Software)
Avast Business Security (HKLM\...\Avast Antivirus) (Version: 25.9.2866 - Avast Software) Hidden
AVC_OCX (HKLM-x32\...\AVC_OCX) (Version: 1.2.1.2 - Avtech)
AVTECH Trident CMS Plus v4.0.0.2 (HKLM-x32\...\AVTECH Trident CMS Plus v4.0.0.2) (Version: 4.0.0.2 - AVTECH Corporation)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.1.1066.1276 - Piriform)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.14 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.14 - Monet+,a.s.)
CryptoPlus KB v1.0 (HKLM-x32\...\CryptoPlus KB v1.0) (Version: 2.2.6 - Monet+,a.s.)
CryptoPlus KB v1.0 x64 (HKLM\...\CryptoPlus KB v1.0) (Version: 2.2.6 - Monet+,a.s.)
Dell Command | Update for Windows Universal (HKLM\...\{BBE36CE6-96D6-47C7-9A56-51C20C087914}) (Version: 4.5.0 - Dell Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{87310396-FD49-4108-BBBB-28E1C3EA85E9}) (Version: 5.6.3.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{0307D6D7-56E0-408C-B8D9-D3C6AFEBDDB9}) (Version: 4.10.1.42635 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{6EBF5DC4-FA0B-4692-A954-E7470146943D}) (Version: 5.5.14.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{d0ab664c-e704-4396-b9bc-ad1a7327731f}) (Version: 5.5.14.0 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{D3EFD276-F67A-45CD-B8A3-7CE38B2FF434}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{c7ccf084-ab05-431c-8474-6b66df04f996}) (Version: 5.5.13.0 - Dell Inc.)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
eWay-CRM (64 bit) 9.1 (HKLM\...\{07747CB3-B1D6-407C-AF51-125E03796E48}) (Version: 9.1.0.177 - eWay System s.r.o.) Hidden
eWay-CRM 9.1 (HKLM-x32\...\{0b310998-ecf1-4989-8905-72cb4b69dc35}) (Version: 9.1.0.177 - eWay System s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 142.0.7444.176 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.12.1.5 - Hangzhou Hikvision Digital Technology Co., Ltd.)
iVMS-4200 Lite(v1.0.0.4) (HKLM-x32\...\{DB03E757-F619-463F-9370-28D16DB168C2}) (Version: 1.0.0.4 - hikvision)
KBSignatureModule (HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\KBPodpisovyModul) (Version: 0.9.0 - KB)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 142.0.3595.94 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 142.0.3595.94 - Microsoft Corporation) Hidden
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OLE DB Driver 19 for SQL Server (HKLM\...\{5CF74CA5-BB99-49AF-885C-CEF644E81183}) (Version: 19.1.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.209.1026.0002 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft OneNote - hu-hu (HKLM\...\OneNoteFreeRetail - hu-hu) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft OneNote - pl-pl (HKLM\...\OneNoteFreeRetail - pl-pl) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft OneNote - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.19328.20244 - Microsoft Corporation)
Microsoft SQL Server 2022 LocalDB (HKLM\...\{83A54FE1-423D-4DE8-BD80-85593BA94752}) (Version: 16.0.1000.6 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3634511839-436998161-1618319399-1002\...\Teams) (Version: 1.8.00.27654 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.24601 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{1b103cea-f037-4504-81de-956057b442c3}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29914 (HKLM-x32\...\{43d1ce82-6f55-4860-a938-20e5deb28b98}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27024 (HKLM-x32\...\{5fb2083a-f3cc-4b78-93ff-bd9788b5de01}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29914 (HKLM\...\{5A23DBE2-A05C-4A9C-9C17-EA88BF5D7B43}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29914 (HKLM\...\{455DF12C-7D43-4EFF-AE2F-43C8AF2817A3}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
Odinstalace tiskárny EPSON L6460 Series (HKLM\...\EPSON L6460 Series) (Version: - Seiko Epson Corporation)
Odinstalační program ovladače tiskárny Canon Generic Plus PCL6 (HKLM\...\Canon Generic Plus PCL6) (Version: 7, 6, 0, 0 - Canon Inc.)
Odinstalační program ovladače tiskárny Canon Generic Plus UFR II (HKLM\...\Canon Generic Plus UFR II) (Version: 7, 7, 0, 0 - Canon Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19328.20106 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0415-1000-0000000FF1CE}) (Version: 16.0.19328.20106 - Microsoft Corporation) Hidden
PDP 2015.01 (HKLM-x32\...\Podnikový a domácí právník 2015_is1) (Version: - )
PDP 2023.01 (HKLM-x32\...\Podnikový a domácí právník 2023_is1) (Version: - )
Přímý kanál (HKLM-x32\...\{3D3E93EE-CA26-453A-8A76-A89535AA7833}) (Version: 29.0.00 - Komerční banka, a.s.)
STORMWARE POHODA E1 Klient CZ Premium (HKLM-x32\...\{3EAB0F71-69A6-4CF2-9D6B-91FB4B40A43B}) (Version: 13801.12 - STORMWARE)
STORMWARE POHODA E1 Klient CZ Premium (HKLM-x32\...\{9B025E82-A7E4-412B-8E49-41708AE0811C}) (Version: 13702.13 - STORMWARE)
STORMWARE POHODA E1 Klient CZ Premium (HKLM-x32\...\{B40C945C-5EAF-439B-A820-8930D5C3EE0D}) (Version: 14000.193 - STORMWARE)
STORMWARE POHODA E1 Klient CZ Premium (HKLM-x32\...\{C366160E-DAA6-4267-9757-A1F4747D512E}) (Version: 13500.176 - STORMWARE)
Synology Active Backup for Business Agent (HKLM-x32\...\{66057888-28A4-4D0D-A4B0-1EFDCB1B41F6}) (Version: 2.3.2153 - Synology)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.71.4 - TeamViewer)
Üzleti Microsoft 365-alkalmazások - hu-hu (HKLM\...\O365BusinessRetail - hu-hu) (Version: 16.0.19328.20244 - Microsoft Corporation)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-11] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-11-12] (Microsoft Windows)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-11-20] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-11] (INTEL CORP) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-11-12] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.59379618.InpApp_cw5n1h2txyewy [2025-11-12] (Microsoft Windows)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_4.5.36.0_x86__htrsf667h5kn2 [2022-06-20] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.6.3.0_x64__htrsf667h5kn2 [2025-09-04] (Dell Inc)
Dell SupportAssist -> C:\Program Files\WindowsApps\Dell.SupportAssistforPCs_4.10.3.0_x64__18ctm2993j0dg [2025-10-10] (Dell Inc)
eWay-CRM Online -> C:\Program Files\WindowsApps\server.agservice.cz-DF0561F0_1.0.0.0_neutral__1rsvfrzxn4jkg [2025-11-24] (server.agservice.cz)
Intel® Graphics Software -> C:\Program Files\WindowsApps\AppUp.IntelArcSoftware_25.40.1953.0_x64__8j3eq9eme6ctt [2025-11-20] (INTEL CORP)
Intel® Rapid Storage Technology Application -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1021.0_x64__8j3eq9eme6ctt [2025-04-27] (INTEL CORP)
Microsoft 365 companion apps -> C:\Program Files\WindowsApps\Microsoft.M365Companions_2.2510.22000.0_x64__8wekyb3d8bbwe [2025-11-05] (Microsoft Corporation)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-11-24] ()
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-11-24] ()
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2022-09-22] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell 2022 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2022_5.0.59.0_x64__fh4rh281wavaa [2022-10-13] (Waves Audio)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-15] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.642.119.0_x64__8wekyb3d8bbwe [2025-10-17] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{04271989-C4D2-F70F-01AC-9F326B8E17F6} -> [OneDrive - A.G.Service s.r.o] => C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o [2022-06-19 13:09]
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{6614FE97-812C-4B8B-AD6F-83D07279BF02}\InprocServer32 -> C:\Users\MilošHojda\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\MilošHojda\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\MilošHojda\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\MilošHojda\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.24601\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-08] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.209.1026.0002\FileSyncShell64.dll [2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-11-24] (Gen Digital Inc. -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-10-15 13:31 - 2025-10-15 13:31 - 008286208 _____ (eWay System s.r.o.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\eWay.Shared\d6c7d3ae8035aa8f5003534f46316117\eWay.Shared.ni.dll
2018-03-08 06:18 - 2018-03-08 06:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 16:25 - 2018-02-06 16:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 11:10 - 2018-03-23 11:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2025-10-15 13:32 - 2025-10-15 13:32 - 000915968 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\a93e608b23485e625dc6e6726df599fa\log4net.ni.dll
2016-12-18 07:55 - 2016-12-18 07:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClientManager => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-11-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\csas.cz -> hxxps://bezpecnost.csas.cz
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\servis24.cz -> hxxps://www.servis24.cz
IE trusted site: HKU\S-1-5-21-860714411-3476244459-1309197597-1143\...\sharepoint.com -> hxxps://agservice1-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.2.48 - 8.8.8.8
Windows Firewall is disabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3634511839-436998161-1618319399-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\test\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\7927311841280708493\134081041124363845.jpg
HKU\S-1-5-21-860714411-3476244459-1309197597-1143\Control Panel\Desktop\\Wallpaper -> C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Obrázky\Vietnam foto 2024 _031.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 4) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D9209671-0C09-49DF-A59F-971F3FF9B5C4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD4D49B3-21E0-4816-91C7-3F81763BD808}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24334.1103.3302.5694_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{16E980BF-A0BE-47CF-B80C-443EB700D04B}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{1408B88B-3536-4EEB-99D2-86D78F6CEC16}] => (Allow) C:\Windows\Microsoft.NET\Framework\V3.5\AddInProcess32.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F014909-39CF-4734-9F99-E6EFDFAE7FD0}] => (Allow) C:\Windows\Microsoft.NET\Framework\V3.5\AddInProcess.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9F859E8-50C3-4F41-B6FD-8E0FEF411784}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\CMS.exe (AVTECH Corporation) [File not signed]
FirewallRules: [{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvAllinOnePlayback.exe => No File
FirewallRules: [{69507663-8376-453A-AAFA-874B30601659}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvFullPlayback.exe (AVTECH Corporation) [File not signed]
FirewallRules: [{AFDE6DB5-1E56-491D-BA86-002D32B5FCC5}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvLocalPlayback.exe (AVTECH Corporation) [File not signed]
FirewallRules: [{C88A1D2F-C601-4D48-8250-33C8BFBFFBC7}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\QRecord_sd.exe () [File not signed]
FirewallRules: [{EDAC0B46-5D99-41C6-8255-742CF8D8D0AB}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\CMSRecordT.exe () [File not signed]
FirewallRules: [{971DFB96-82F5-4B43-B66D-018E200AB1B4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D246ECF5-D9D0-41B1-8826-1581D21DFC22}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DA679C3-E8F0-4E0B-90F0-01A18D44E9B8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E832AE2-5E67-4125-8740-5FD2E28045BA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9068FBAA-B5BA-4B40-8090-39030D9BB053}] => (Allow) C:\Program Files\Canon\DIAS\CnxDIAS.exe (CANON INC. -> CANON INC.)
FirewallRules: [{C0780DF3-14EC-4D8C-B4F2-8AFEEDA3CF98}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE5313D6-9C92-4739-9997-A60AEE770EBE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7689B9B5-8BD3-4787-97E2-DBCEDF20862C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{721D48D9-AC18-4CE8-AA21-122820D61374}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F51531A9-7517-40F7-A9CF-318F2A5CE3D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B77D724-6627-44FC-A657-3BFF814C6851}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DDA6B533-AE9A-474D-8C34-98C68FD07B56}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{563DE955-B8F9-4B26-8084-EFDBD092ACAC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3F9BA06A-F986-455F-B33A-BB4C3CF1764E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8612813-7304-4407-95AB-FC4D7C6E0CB0}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25290.205.4069.4894_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8219CA09-EED9-4570-8446-CB4A087B1A2A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25290.205.4069.4894_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86D072C3-567E-42F7-8718-40350C656C30}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25290.205.4069.4894_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D4EF3BD-78F7-40FF-8AA6-6E3788745002}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25290.205.4069.4894_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [{7359F84D-8536-4266-8ACA-C458B0426E0A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0AE9A3EE-35AE-438B-B435-DB1734D3AC64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9BBF52CB-6266-4DD5-BE67-CBFA33314835}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{47FBB27A-BC30-4B5F-8C11-608B3B7E9E60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4C0C314-7135-4AA0-BF66-4267BBB6A0FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{88BCA0FF-6B50-4EA4-BA0E-121D3A94E2DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DC58B4EE-1A10-4347-95E9-69F194A69AD7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ACDB264A-C278-40CE-A9C9-3AB00CA4E53D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{675DA43D-BA73-43BC-AD25-F01358421AAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DFD9A0A1-9DF5-4542-8D00-471051871CB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EC682146-D2AC-4FE1-A51F-058B1FF93981}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7B525EE-4431-4A8A-AD67-A1B055E917AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D6CF45FC-F39D-4DA1-AA89-3274E0E59311}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A3B6C439-8D36-49A2-ADC4-7AC3CAF4C9BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{E754F9A4-1C20-4C51-AF7A-6BD9524313E7}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{13ED17C0-08DB-43CD-ABEB-BD4E8051A983}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
==================== Restore Points =========================
Check "VSS" service
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/25/2025 08:34:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070424, Zadaná služba není nainstalovaná služba..
Operace:
Vytvoření instance serveru VSS
Error: (11/25/2025 08:34:01 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070424, Zadaná služba není nainstalovaná služba.]
Operace:
Vytvoření instance serveru VSS
Error: (11/25/2025 08:34:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny OpenService (shSCManager, 'VSS', SERVICE_QUERY_STATUS) došlo k neočekávané chybě. hr= 0x80070424, Zadaná služba není nainstalovaná služba..
Operace:
Inicializace zálohy
Error: (11/25/2025 08:24:54 AM) (Source: Application Error) (EventID: 1000) (User: AGS)
Description: Název chybující aplikace: AdobeCollabSync.exe, verze: 25.1.20937.0, časové razítko: 0x691b6e8f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.26100.7019, časové razítko: 0x55eee9bf
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a4ace
ID chybujícího procesu: 0x2164
Čas spuštění chybující aplikace: 0x1dc5ddc981ccb42
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID sestavy: 6e73eca6-f146-493f-8ff9-87161c649630
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (11/25/2025 08:23:47 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegCreateKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen..
Operace:
Inicializace modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {06c88106-72e1-4eda-bbdd-4b1334a69906}
Error: (11/25/2025 08:20:03 AM) (Source: Application Error) (EventID: 1000) (User: AGS)
Description: Název chybující aplikace: AdobeCollabSync.exe, verze: 25.1.20937.0, časové razítko: 0x691b6e8f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.26100.7019, časové razítko: 0x55eee9bf
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a4ace
ID chybujícího procesu: 0x25ec
Čas spuštění chybující aplikace: 0x1dc5ddbeafb803d
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID sestavy: 47bfa86c-7264-4759-9ece-208cd7fd1a7a
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (11/25/2025 08:12:18 AM) (Source: Application Error) (EventID: 1000) (User: AGS)
Description: Název chybující aplikace: AdobeCollabSync.exe, verze: 25.1.20937.0, časové razítko: 0x691b6e8f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.26100.7019, časové razítko: 0x55eee9bf
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a4ace
ID chybujícího procesu: 0x3b4c
Čas spuštění chybující aplikace: 0x1dc5ddad56db0df
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID sestavy: 7e084829-8183-412c-a624-3276ae6bef79
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (11/25/2025 08:11:39 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny RegCreateKeyExW(-2147483646,SYSTEM\CurrentControlSet\Services\VSS\Diag,...) došlo k neočekávané chybě. hr= 0x80070005, Přístup byl odepřen..
Operace:
Inicializace modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d600da3d-412a-476f-b22a-8e36350f137f}
System errors:
=============
Error: (11/25/2025 08:32:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (11/25/2025 08:32:02 AM) (Source: DCOM) (EventID: 10010) (User: AGS)
Description: Server {F94358B1-E9AE-4D5C-AF66-CE50E67803C7} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2025 08:30:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (11/25/2025 08:30:02 AM) (Source: DCOM) (EventID: 10010) (User: AGS)
Description: Server {88E526C9-718C-410A-981C-7EF7806971E3} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2025 08:29:17 AM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název AGS :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.2.74.
Počítač s IP adresou 192.168.2.41 nepovolil získání názvu
tímto počítačem.
Error: (11/25/2025 08:28:48 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Dell Inc.;FirmwareVersion:1.9.0;OEMManufacturerName:Dell Inc.;OEMModelSKU:0AC5;OSArchitecture:amd64;
BucketId: 8a25897d4bdc50a2ea3be1d3610c91553d8dad44bfb4ddb33cb62066969451b0
BucketConfidenceLevel:
UpdateType: 0
HResult: 0
Error: (11/25/2025 08:28:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba platformy připojených zařízení byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (11/25/2025 08:28:02 AM) (Source: DCOM) (EventID: 10010) (User: AGS)
Description: Server {F94358B1-E9AE-4D5C-AF66-CE50E67803C7} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2025-11-18 00:51:28
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.441.300.0, AS: 1.441.300.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.25100.9002, NIS: 0.0.0.0
CodeIntegrity:
===============
Date: 2025-11-24 10:03:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-11-18 00:41:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_abf9ff9884812579\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.9.0 12/14/2022
Motherboard: Dell Inc. 03H94W
Processor: 12th Gen Intel(R) Core(TM) i5-12500
Percentage of memory in use: 84%
Total physical RAM: 7880.73 MB
Available physical RAM: 1229.7 MB
Total Virtual: 21704.73 MB
Available Virtual: 12633.71 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:235.8 GB) (Free:92.9 GB) (Model: NVMe BC711 NVMe SK hynix 256GB) NTFS
\\?\Volume{7a3f253b-17ed-4edc-bc8b-2f141229aadb}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.34 GB) NTFS
\\?\Volume{46cb8664-a2ae-4b5e-9263-f6937eb28bca}\ (DELLSUPPORT) (Fixed) (Total:1.37 GB) (Free:0.33 GB) NTFS
\\?\Volume{8120ea54-8744-46b2-abe7-29f8697e2ec1}\ (ESP) (Fixed) (Total:0.19 GB) (Free:0.1 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 712E05E6)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
malware ujoGkYIfe
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119650
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: malware ujoGkYIfe
Zdravím!
Buďte rád, že jste tu zálohu měl. Jedná se o Ransomware, jehož odblokování si buď zaplatíte budete žádat Zde: https://www.neslape.cz/?utm_campaign=ne ... ium=banner o odblokování, což je možné jen v případě, že kolegové mají příslušný soft na odblokování a je k tomu třeba přímý přístup do vašeho PC.
Otevřte poznámkový blok a zkopírujte do něj:
Buďte rád, že jste tu zálohu měl. Jedná se o Ransomware, jehož odblokování si buď zaplatíte budete žádat Zde: https://www.neslape.cz/?utm_campaign=ne ... ium=banner o odblokování, což je možné jen v případě, že kolegové mají příslušný soft na odblokování a je k tomu třeba přímý přístup do vašeho PC.
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7
C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe
C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt
C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt
C:\Users\hojda\ujoGkYIfe.README.txt
C:\Users\dhojda\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe
C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe
C:\Users\ujoGkYIfe.README.txt
C:\Users\test\ujoGkYIfe.README.txt
C:\Users\test\Downloads\ujoGkYIfe.README.txt
C:\Users\test\AppData\ujoGkYIfe.README.txt
C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt
C:\Users\test\AppData\Local\ujoGkYIfe.README.txt
C:\Users\MilošHojda\ujoGkYIfe.README.txt
C:\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe
C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa
C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e
C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DebugTraceAP.log.ujoGkYIfe
C:\dell.sdr.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539
C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630
C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98
C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815
C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e
C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab
C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f
C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\MilošHojda\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
FirewallRules: [{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{16E980BF-A0BE-47CF-B80C-443EB700D04B}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvAllinOnePlayback.exe => No File
FirewallRules: [TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: malware ujoGkYIfe
Díky moc, naštěstí vše na onedrive, vše již obnoveno (přejmenovalo to desítky tisíc souborů). Posílám log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by hojda (25-11-2025 17:03:00) Run:2
Running from C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha
Loaded Profiles: test & hojda
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7
C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe
C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt
C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt
C:\Users\hojda\ujoGkYIfe.README.txt
C:\Users\dhojda\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe
C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe
C:\Users\ujoGkYIfe.README.txt
C:\Users\test\ujoGkYIfe.README.txt
C:\Users\test\Downloads\ujoGkYIfe.README.txt
C:\Users\test\AppData\ujoGkYIfe.README.txt
C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt
C:\Users\test\AppData\Local\ujoGkYIfe.README.txt
C:\Users\MilošHojda\ujoGkYIfe.README.txt
C:\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe
C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa
C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e
C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DebugTraceAP.log.ujoGkYIfe
C:\dell.sdr.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539
C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630
C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98
C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815
C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e
C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab
C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f
C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\MilošHojda\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
FirewallRules: [{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{16E980BF-A0BE-47CF-B80C-443EB700D04B}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvAllinOnePlayback.exe => No File
FirewallRules: [TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\\"fDenyTSConnections"="1" => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28 => moved successfully
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7 => moved successfully
C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe => moved successfully
"C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt" => not found
C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt => moved successfully
C:\Users\hojda\ujoGkYIfe.README.txt => moved successfully
C:\Users\dhojda\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe => moved successfully
C:\Users\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\Downloads\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\Local\ujoGkYIfe.README.txt => moved successfully
C:\Users\MilošHojda\ujoGkYIfe.README.txt => moved successfully
C:\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa => moved successfully
C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe => moved successfully
"C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe" => not found
C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0 => moved successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\DebugTraceAP.log.ujoGkYIfe => moved successfully
C:\dell.sdr.ujoGkYIfe => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be => moved successfully
HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16E980BF-A0BE-47CF-B80C-443EB700D04B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}" => removed successfully
regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9624217 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 4568824 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
test => 0 B
dhojda => 0 B
MilošHojda => 3948360 B
RecycleBin => 0 B
EmptyTemp: => 17.3 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-11-2025 17:04:16)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 17:04:16 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by hojda (25-11-2025 17:03:00) Run:2
Running from C:\Users\MilošHojda\OneDrive - A.G.Service s.r.o\Plocha
Loaded Profiles: test & hojda
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7
C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe
C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt
C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt
C:\Users\hojda\ujoGkYIfe.README.txt
C:\Users\dhojda\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe
C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe
C:\Users\ujoGkYIfe.README.txt
C:\Users\test\ujoGkYIfe.README.txt
C:\Users\test\Downloads\ujoGkYIfe.README.txt
C:\Users\test\AppData\ujoGkYIfe.README.txt
C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt
C:\Users\test\AppData\Local\ujoGkYIfe.README.txt
C:\Users\MilošHojda\ujoGkYIfe.README.txt
C:\ujoGkYIfe.README.txt
C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe
C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa
C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e
C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
C:\DebugTraceAP.log.ujoGkYIfe
C:\dell.sdr.ujoGkYIfe
C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539
C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630
C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98
C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815
C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e
C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab
C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f
C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be
CustomCLSID: HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\MilošHojda\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
FirewallRules: [{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{16E980BF-A0BE-47CF-B80C-443EB700D04B}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}] => (Allow) C:\ProgramData\AVTECHCMSLite\VMS\AdvAllinOnePlayback.exe => No File
FirewallRules: [TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe] => (Allow) \\agserver22\pohoda\stwph.exe => No File
FirewallRules: [{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
FirewallRules: [{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}] => (Allow) C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe => No File
regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\\"fDenyTSConnections"="1" => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28 => moved successfully
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7 => moved successfully
C:\Users\test\AppData\LocalLow\MYh8L5r.ujoGkYIfe => moved successfully
"C:\Users\MilošHojda\Downloads\ujoGkYIfe.README.txt" => not found
C:\Users\MilošHojda\AppData\ujoGkYIfe.README.txt => moved successfully
C:\Users\hojda\ujoGkYIfe.README.txt => moved successfully
C:\Users\dhojda\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\BBE7izj.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\125853172c102d2f5b528cd18dd7b630fdeef1a9b9e21f98d13e0af17ecb2eff.ujoGkYIfe => moved successfully
C:\Users\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\Downloads\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\Roaming\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\Local\ujoGkYIfe.README.txt => moved successfully
C:\Users\MilošHojda\ujoGkYIfe.README.txt => moved successfully
C:\ujoGkYIfe.README.txt => moved successfully
C:\Users\test\AppData\LocalLow\b6055909ead437b5dcc7db5240ce55e5dbdcdc8ce1d9bd93b70850d0c99c4d7a.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\7ea868fd86694840381937df7fbc1ff69ffe96adb2b6ecd7230ab88b6a65b9aa => moved successfully
C:\Users\test\AppData\LocalLow\bac841604a55649dd0f0a0c5446fbbda31caf6d927bd4a777c7f790cdadd54e7.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe => moved successfully
C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe => moved successfully
"C:\Users\test\AppData\LocalLow\b78ff7347d1c0d40a09319932d9938828a918c29a3380308bad9d977e8102d28.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\4f477fb3a2a7b7771df81681449b8ac3db5d5fdce4578baf8eb1d4330697a8c7.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\094f1b8916eccad37f41db6961cf49f92de192ec72174bfd7bcea2401efcb409.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\f546012b3d63556bc40173b688cc9e9df1c73f85b9b78063000b9797e2238860.ujoGkYIfe" => not found
"C:\Users\test\AppData\LocalLow\3a590f852a46e89bbe3ad71340c07669250724beae39d8a22fc7ed284da06ab1.ujoGkYIfe" => not found
C:\Users\MilošHojda\AppData\LocalLow\58541f70ec885d83ebdee75bec159dc8a5d42aaf86b81fc785fc13381ca7d02e => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\71a02a9e9e516e7aff4b3be52bc96e7899fdbcbb74391c3435f2976983a5fbe0 => moved successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
C:\DebugTraceAP.log.ujoGkYIfe => moved successfully
C:\dell.sdr.ujoGkYIfe => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\a5f184af9e240087951c9459f358e144a7c806b0c9a06b16dec1f43aa477f539 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\10c5d7d1ac703d673f2a02f1c2d01e0068df7c08c578133d58942750dad38630 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\3bd083430f0f165f38ea3461c2aa4c0528a19d1bb1a9da406fae9a491b5c6e98 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\0436998ae5844b7230d4564912146afb61367e1cc3a47495d833f61fd4e25815 => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\f4dcbcdf52e36e06b58c17b883d1e9b6ca12ba860f64d478fb85ca103fea2a3e => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\c36753f5eb40323b64fb5cb12399ddba76e23464ff089e1a711edc95bbed87ab => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\6d2affc5d47f8632839c70ff2e861defc97e3bf88e75d57d010b11e41416e00f => moved successfully
C:\Users\MilošHojda\AppData\LocalLow\f6c9d564d03fa2621a5858a7e45e24568c0b164f1f673f688b3c56faccf925be => moved successfully
HKU\S-1-5-21-860714411-3476244459-1309197597-1143_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E65856E9-B1D3-477B-A8FE-1757EE07CFA2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16E980BF-A0BE-47CF-B80C-443EB700D04B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EC38EC0-EA54-44AB-90A6-C95BDA5A4DF8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{190C4A47-864F-435B-B4A1-D29F0BC11C69}\\agserver22\pohoda\stwph.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{37D92B32-7F33-47FC-93AB-0F9FB556181D}\\agserver22\pohoda\stwph.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D1B0A46-4D05-45AF-B81A-3A50D9D66FF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E081515-9F86-4628-9F82-F0A3CC3FAC9C}" => removed successfully
regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware => Error: No automatic fix found for this entry.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9624217 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 4568824 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
test => 0 B
dhojda => 0 B
MilošHojda => 3948360 B
RecycleBin => 0 B
EmptyTemp: => 17.3 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-11-2025 17:04:16)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 17:04:16 ====
-
Rudy
- Site Admin
- Příspěvky: 119650
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: malware ujoGkYIfe
Vše smazáno. Byly tam jen zbytky po ransomware a zbytečnosti, Mělo by to být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: malware ujoGkYIfe
Děkuji za pomoc! Vypadá to OK, jen mi nelze připojit zpátky Outlook přes MS365 a celkově MS365 klient, blikla tu hláška, že nelze spustit centrum zabezpečení - nemůže to být ještě něco s malwarem?
ještě jednou mockrát děkuji
ještě jednou mockrát děkuji
-
Rudy
- Site Admin
- Příspěvky: 119650
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: malware ujoGkYIfe
Podle mého ne. Něteré aplikace ale uvádí FRST do defaultu. Zkuste se podívat na nastavení.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: malware ujoGkYIfe
Vše nyní funguje. Moc děkuji za pomoc. Můžete vlákno zavřít.
-
Rudy
- Site Admin
- Příspěvky: 119650
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: malware ujoGkYIfe
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?