Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

nestandardně se chová myš

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
jarda.otta
Návštěvník
Návštěvník
Příspěvky: 538
Registrován: 25 bře 2005 21:21

nestandardně se chová myš

#1 Příspěvek od jarda.otta »

Zdravím. V poslední době se mě chová nestandardně chová myš. Při kliknutí psaní najednou napíše několik stejných písmen i číslic a to samé i smaže několik. Při výběru musím několikrát kliknout pro výběr čehokoliv. Někdy z ničeho nic ujede nastranu. Bylo by možné že je to způsobeno tím, že je souběžně zapnutá i bluetooth myš? Drátovou mám aktivní když sedím u stolu s compem a bluetooth když jsem třeba v křesle na sedačce. Mám propjený com s tv a tak využívám současně obrazovku tv jako pc.
V poslední době mě Avast free bral hodně prostředků a zpomaloval comp. Tak jsem ho odinstaloval a aktivoval defender. Nevím jestli jsem udělal dobře. Po odinstalování Avastu comp svižnější. Mám W 10
Prosím o kontrolu logu. Prozatím děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by hp (administrator) on DESKTOP-V512I58 (HP HP Pavilion Power Desktop 580-0xx) (26-11-2025 17:01:01)
Running from C:\Users\hp\Desktop\FRST64.exe
Loaded Profiles: hp
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6575 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(553ADC34-E6D7-49F5-B450-3BCAE6182ACB -> PSExpressBroker) C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.22.35.0_x64__ynb6jyjzte8ga\PSExpressBroker.exe
(553ADC34-E6D7-49F5-B450-3BCAE6182ACB -> PSExpressCore) C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.22.35.0_x64__ynb6jyjzte8ga\PSExpressCore.exe
(ABBYY Production LLC -> ABBYY Production LLC.) [File not signed] C:\Program Files (x86)\ABBYY FineReader 15\FineReader.exe
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSize.exe
(C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe ->) (TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe
(C:\Program Files\Google\NearbyShare\nearby_share.exe ->) (Google LLC -> ) C:\Program Files\Google\NearbyShare\crashpad_handler.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA App\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.22.35.0_x64__ynb6jyjzte8ga\PSExpressCore.exe ->) (553ADC34-E6D7-49F5-B450-3BCAE6182ACB -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.22.35.0_x64__ynb6jyjzte8ga\Adobe Crash Processor_low.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25072.79.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25072.79.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\InternetOff.exe
(Google LLC -> Google) C:\Program Files\Google\NearbyShare\nearby_share.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.6575_none_7e05e59a7c9315d9\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <22>
(MPC-HC Team) [File not signed] C:\Program Files\MPC-HC\mpc-hc64.exe <3>
(services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(services.exe ->) (Crystal Rich Ltd -> ) C:\Program Files (x86)\InternetOff\IOffSvc.exe
(services.exe ->) (Crystal Rich Ltd -> Crystal Rich Ltd) C:\Program Files (x86)\USB Safely Remove\USBSRService.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\143.0.7499.7\remoting_host.exe <2>
(services.exe ->) (HP Development Company, L.P.) [File not signed] C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_3f588d3320db982f\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdc.inf_amd64_28c1ca1ab551c546\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (TechSmith Corporation) [File not signed] C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(services.exe ->) (voidtools PTY LTD -> voidtools) C:\Program Files\Everything 1.5a\Everything.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 12\SnagitEditor.exe
(TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe
(The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Nearby Share] => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [2908824 2025-10-31] (Google LLC -> Google)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-12] (Brio) [File not signed]
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] (Crystal Rich Ltd -> )
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Run: [MicrosoftEdgeAutoLaunch_F072E8F080C5A31FE150A3CA4B35FB6A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4253736 2025-11-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Run: [Everything 1.5a] => C:\Program Files\Everything 1.5a\Everything.exe [5832360 2025-10-09] (voidtools PTY LTD -> voidtools)
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Policies\Explorer: [DisableFolderTypeAutoDiscovery] 1
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\MountPoints2: {026f5bab-a851-11f0-a177-f49634e5fc94} - "J:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [674304 2025-06-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\Samsung Network PC Fax Print Processor: C:\Windows\System32\spool\prtprocs\x64\NetFaxProc64.dll [146944 2021-04-14] (HP Development Company, L.P.) [File not signed]
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\WINDOWS\system32\NetFaxPort64.dll [586240 2021-04-14] (HP Development Company, L.P.) [File not signed]
HKLM\...\Print\Monitors\us015 Langmon: C:\WINDOWS\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us016 Langmon: C:\WINDOWS\system32\us016lm.dll [40744 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\142.0.7444.176\Installer\chrmstp.exe [2025-11-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\142.1.84.141\Installer\chrmstp.exe [2025-11-18] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hpqtra08.exe [2011-04-29] (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShutdownTimer.lnk [2023-08-17]
ShortcutTarget: ShutdownTimer.lnk -> C:\Program Files (x86)\ShutdownTimer\ShutdownProc.exe (HP Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-03-14]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2025-06-10]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (HP Development Company, L.P.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 12.lnk [2022-04-09]
ShortcutTarget: Snagit 12.lnk -> C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe (TechSmith Corporation -> TechSmith Corporation)
BootExecute: autocheck autochk /p \??\J:autocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A2525D0E-06D7-4141-9652-C57836F0D0C3} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{A100E0A8-886C-4DF4-88D0-35A94C19C017} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2025-07-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {769E1E85-1D10-4847-9BF5-10776C2264FD} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{1BCE85BE-0891-4377-A9DC-A7320A57E1AC} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2025-07-24] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BEC08388-EB31-472C-8A2C-552501FD5BA0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {26C29A18-01E3-435B-966F-929EFF9D56EB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [6089624 2025-11-12] (Microsoft Windows -> Microsoft Corporation)
Task: {BC4C8A15-7318-4338-9F37-B83675B30BE8} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\hp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2022-01-14] (ESET, spol. s r.o. -> ESET)
Task: {3F84779F-E184-4327-8349-5D7D6493FF89} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\hp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2022-01-14] (ESET, spol. s r.o. -> ESET)
Task: {0F06F4AB-44D5-47D7-B210-CBF15D63E1FF} - System32\Tasks\Google\Quick Share Relaunch => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [2908824 2025-10-31] (Google LLC -> Google)
Task: {B0BA5DEB-D942-4BA0-9A6D-B0D005C151AA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{241A8211-9403-4DA7-B25E-52B7A363A407} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {DAA2AA21-2B75-4FE0-A169-388FE57FE57A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91144 2025-08-26] (HP Inc. -> HP Inc.)
Task: {D99C6912-19B1-4C49-B1C9-DFB076259D80} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91144 2025-08-26] (HP Inc. -> HP Inc.)
Task: {C917F841-5470-4013-ADC2-86C266168304} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2118144 2024-10-05] () [File not signed]
Task: {3EB5A1A4-0457-4391-8D2B-DF73F5D19422} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E67FAFD-C1FB-42AD-9AEF-EB45834EBB0A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C60B873-D08F-400F-9825-9A503A19C8FD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2DA6797-872C-4CEE-935B-CACDA35657D8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147288 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5621BFB-5A7D-433A-A6EB-3045FFB3EA63} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A987CBFC-7C9A-4B77-8C6A-D5869DC9E8DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE9BB00C-7BFB-422F-986F-A8A435AE43C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AE1F1D5-7226-48F5-95E0-F5FCABB5B5AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94879C4C-6EF7-4AB4-8A1D-F7EF77330F3A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4E586FCC-E853-41F7-BFBA-4DFB91496751} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpCmdRun.exe [1790656 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B955661E-A553-41E6-AB9A-18E6B03FCBCE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-11-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {0CBD99AF-66BB-4477-9C06-5310A5C076F2} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3322400 2025-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83F8306B-55C3-46BB-883B-6779486C0116} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2025-06-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AAC35BD5-0672-4204-974B-3FB585CED1AF} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704 2014-07-31] (TechSmith Corporation -> TechSmith Corporation) -> C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\all

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WebReg HP Deskjet F2100 series.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{3fb4a9ab-3432-45f0-ad4b-3ec89180f33e}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{3fb4a9ab-3432-45f0-ad4b-3ec89180f33e}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-31]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-01]
Edge Extension: (Edge relevant text changes) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: k904rfea.default
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\k904rfea.default [2025-07-24]
FF user.js: detected! => C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\k904rfea.default\user.js [2025-06-17]
FF Homepage: Mozilla\Firefox\Profiles\k904rfea.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\k904rfea.default -> about:newtab
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release [2025-11-26]
FF user.js: detected! => C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\user.js [2025-06-17]
FF DownloadDir: E:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\icbt817x.default-release -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\icbt817x.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170902&iDate=2022-05-08 07:21:08&iid=1f144dc4-68bd-43e3-949c-532a95b786c7&bName=
FF NetworkProxy: Mozilla\Firefox\Profiles\icbt817x.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\icbt817x.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\icbt817x.default-release -> hxxps://www.alirecenze.cz; hxxps://cs.xhamsterlive.com; hxxps://tr.aliexpress.com; hxxps://www.instagram.com; hxxps://twitter.com; hxxps://web.skype.com; hxxps://filmstock.wondershare.com; hxxps://best.aliexpress.com; hxxps://web.whatsapp.com; hxxps://www.youtube.com; hxxps://photos.google.com; hxxps://calendar.google.com; hxxps://www.limetorrents.lol; hxxps://mail.google.com; hxxps://stranapro.cz; hxxps://kofyesmbwdhqv7.baseauthenticity.co.in; hxxps://cq2nfbu071bc739alvo0.baseauthenticity.co.in; hxxps://x-minus.pro; hxxps://web.airdroid.com; hxxps://www.lupa.cz; hxxps://r6uwcac7yfwndx.steadychainconnection.co.in; hxxps://d14vatm071bc73dkbtp0.stabilenetwork.co.in; hxxps://pab4yrw9kzwd4g.stabilenetwork.co.in
FF Extension: (SEO Yoast) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\addon@seoyoast.com.xpi [2024-11-06]
FF Extension: (Enhancer for YouTube™) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2024-12-08]
FF Extension: (DeepL: AI překladač a editor textů) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\firefox-extension@deepl.com.xpi [2025-11-25]
FF Extension: (AdBlocker for YouTube™) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2025-06-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2025-11-12]
FF Extension: (Lush – Soft) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\lush-soft-colorway@mozilla.org.xpi [2023-03-21]
FF Extension: (Chrome Remote Desktop) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\remotedesktop@google.com.xpi [2024-07-03] [UpdateUrl:hxxps://www.gstatic.com/chromoting/firefox_exte ... pdate.json]
FF Extension: (TinEye Reverse Image Search) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\tineye@ideeinc.com.xpi [2025-03-26]
FF Extension: (uBlock Origin) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\uBlock0@raymondhill.net.xpi [2025-10-26]
FF Extension: (WebP \/ Avif image converter) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\webpconverter@hilberteikelboom.nl.xpi [2024-06-20]
FF Extension: (TWP - Translate Web Pages) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2025-03-28]
FF Extension: (Search by Image) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{2e5ff8c8-32fe-46d0-9fc8-6b8986621f3c}.xpi [2025-10-16]
FF Extension: (Download All Images) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2025-05-30]
FF Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{49756ccc-44ea-4661-bc1f-2baba64cca2f}.xpi [2025-11-22]
FF Extension: (CSFD Magnets) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{5dcbc3c3-318a-4f86-9ae4-9bb4de536c7a}.xpi [2025-01-05]
FF Extension: (URL Shortener) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{61ca75f9-d75a-4c04-9246-03f0e75a7786}.xpi [2025-11-22]
FF Extension: (Fenrir Red Perfection) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{8f36e4f9-12b6-48d1-ad49-317c0b917478}.xpi [2021-10-14]
FF Extension: (TinyURL) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{c6d7e675-b8a1-4e3f-9a5c-28a11166b834}.xpi [2024-07-23]
FF Extension: (No Name) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2025-11-24]
FF Extension: (Green Parallel Space World) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{d2bb4a2d-2bee-4fae-9f9c-7cab0d64ce13}.xpi [2021-07-12]
FF Extension: (Web Apps by 123apps) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{e662576a-2f73-4069-bcca-ddf440fea62b}.xpi [2023-02-22]
FF Extension: (Seznam Doplněk – Email) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2025-02-11]
FF Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release\Extensions\{ee0c7fbe-ee67-40b9-a6b5-21ec240ca8ae}.xpi [2025-10-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2025-11-24]
CHR DownloadDir: E:\Stažené soubory
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.ceskyali.cz; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Zkrácení adresy URL pro Google Chrome ™) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aacgdipdhmilcpcpbdcloifondogabco [2024-07-23]
CHR Extension: (Torrent Scanner) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-16]
CHR Extension: (uBlock Origin Lite) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-11-14]
CHR Extension: (Filmtoro - kde je film online) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpopnockfmdhlkillehaopbnbodnkcd [2023-05-17]
CHR Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodaonbgmhniagpgfepdflgjhmmkbnfi [2025-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-11-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-06-18]
CHR Extension: (Převod řeči na text) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2023-07-01]
CHR Extension: (Temu image search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhjedddeligclkfcfbghcgngkhokdee [2025-11-09]
CHR Extension: (Video Downloader PLUS) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2024-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-24]
CHR Extension: (Transkriptor Transcribe Audio to Text) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbajmiiebklfjhkeahpgjdlgclelihjh [2025-08-11]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-06-17]
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\System Profile [2023-12-11]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR DefaultProfile: Default

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-11-11]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-10-28]
BRA Profile: C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2025-07-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-07-24]
BRA Profile: C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2 [2025-07-24]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-07-24]
BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-10-28]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-11-11]
BRA Extension: (Brave NTP background images) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-11-11]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-11-11]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-11-11]
BRA Extension: (Brave NTP sponsored images) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2025-11-11]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-11-11]
BRA Extension: (Brave Ads Resources) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2025-07-24]
BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-11-11]
BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2025-11-11]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-11-11]
BRA Extension: (Brave User Agent) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2025-11-11]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2025-07-24]
BRA Extension: (P3A Configuration) - C:\Users\hp\AppData\Local\BraveSoftware\Brave-Browser\User Data\P3AConfig [2025-08-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1058032 2019-07-29] (ABBYY Production LLC -> ABBYY Production LLC)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2025-07-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\142.1.84.141\elevation_service.exe [3255376 2025-11-18] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167504 2025-07-24] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 brlapi; C:\WINDOWS\brltty\bin\brltty.exe [847886 2025-06-18] (Microsoft Windows -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\143.0.7499.7\remoting_host.exe [74392 2025-10-31] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Everything (1.5a); C:\Program Files\Everything 1.5a\Everything.exe [5832360 2025-10-09] (voidtools PTY LTD -> voidtools)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [File not signed]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-08-26] (HP Inc. -> HP Inc.)
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] (Crystal Rich Ltd -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MpDefenderCoreService.exe [2026184 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_28c1ca1ab551c546\Display.NvContainer\NVDisplay.Container.exe [1275624 2025-11-03] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [700928 2021-04-14] (HP Development Company, L.P.) [File not signed]
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2022-02-19] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803080 2025-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384 2015-01-26] (TechSmith Corporation) [File not signed]
R2 USBSafelyRemoveService; C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [1416848 2025-05-06] (Crystal Rich Ltd -> Crystal Rich Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\NisSrv.exe [4414480 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25100.9008-0\MsMpEng.exe [282440 2025-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AX88179A; C:\WINDOWS\System32\DriverStore\FileRepository\axusbeth.inf_amd64_7737caa225c4a27f\AxUsbEth.sys [163784 2024-06-11] (WDKTestCert AndyChen,132652806163117881 -> ASIX Electronics Corp.)
S3 btathprot; C:\WINDOWS\system32\DRIVERS\btathprot.sys [637088 2011-02-28] (Atheros Communications Inc. -> Atheros)
S3 btathUSB; C:\WINDOWS\system32\DRIVERS\btathusb.sys [93856 2011-02-28] (Atheros Communications Inc. -> Atheros)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 FlashBoot; C:\WINDOWS\System32\drivers\FlashBoot.sys [17616 2014-04-02] (Challenger Backup Solutions, LLC -> Challenger Backup Solutions, LLC)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [200064 2017-12-24] (Genesys Logic, Inc. -> Genesys Logic)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [34952 2016-03-28] (Intel(R) RMT -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333192 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2024-01-30] (Chongqing NIUBI Technology Co., Ltd. -> )
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
R3 MonitorFunction; C:\WINDOWS\System32\drivers\lockscr.sys [24560 2019-01-21] (Remote Utilities LLC -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2023-07-10] (Bitdefender SRL -> Bitdefender)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2020-04-14] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20904 2025-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [629168 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102792 2025-11-18] (Microsoft Windows -> Microsoft Corporation)
R3 whfltr2k; C:\WINDOWS\System32\drivers\whfltr2k.sys [10368 2009-09-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 WiseFs; C:\WINDOWS\WiseFs64.sys [48152 2023-04-10] (Microsoft Windows Hardware Compatibility Publisher -> WiseCleaner.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-26 17:01 - 2025-11-26 17:02 - 000042486 _____ C:\Users\hp\Desktop\FRST.txt
2025-11-26 17:00 - 2025-11-26 17:00 - 002444288 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2025-11-26 17:00 - 2025-11-26 17:00 - 000000000 ____D C:\Users\hp\Desktop\FRST-OlderVersion
2025-11-26 15:59 - 2025-11-26 15:59 - 000000000 ____D C:\Program Files (x86)\trend micro
2025-11-18 14:21 - 2025-11-18 14:21 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.14
2025-11-17 00:51 - 2025-11-17 00:51 - 000001703 _____ C:\Users\Public\Desktop\MPC-HC x64.lnk
2025-11-17 00:11 - 2025-11-03 05:00 - 002402704 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-11-17 00:11 - 2025-11-03 05:00 - 002402704 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-11-17 00:11 - 2025-11-03 05:00 - 001908104 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-11-17 00:11 - 2025-11-03 05:00 - 001908104 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-11-17 00:11 - 2025-11-03 05:00 - 001581968 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-11-17 00:11 - 2025-11-03 05:00 - 001581968 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-11-17 00:11 - 2025-11-03 05:00 - 001395600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-11-17 00:11 - 2025-11-03 05:00 - 001395600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-11-17 00:11 - 2025-11-03 05:00 - 000478440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2025-11-17 00:11 - 2025-11-03 05:00 - 000375016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 110559464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2025-11-17 00:11 - 2025-11-03 04:56 - 026354920 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2025-11-17 00:11 - 2025-11-03 04:56 - 001599720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2025-11-17 00:11 - 2025-11-03 04:56 - 001572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 001322216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 001223400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 000675048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 000509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2025-11-17 00:11 - 2025-11-03 04:56 - 000135888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2025-11-17 00:11 - 2025-11-03 04:55 - 024676584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 021714152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 007683304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 004175080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 002317544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 001715944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 001057512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 000813288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2025-11-17 00:11 - 2025-11-03 04:55 - 000468712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2025-11-17 00:11 - 2025-11-03 04:54 - 005918952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2025-11-17 00:11 - 2025-11-03 04:54 - 005469928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2025-11-17 00:11 - 2025-11-03 04:54 - 000853736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2025-11-17 00:11 - 2025-11-03 04:53 - 005625560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2025-11-17 00:11 - 2025-11-03 04:53 - 004924160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2025-11-17 00:11 - 2025-11-03 04:09 - 000148966 _____ C:\WINDOWS\system32\nvinfo.pb
2025-11-14 11:10 - 2025-11-14 11:10 - 000002761 _____ C:\Users\hp\Desktop\Správce hesel Google.lnk
2025-11-13 19:18 - 2025-11-13 19:18 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2025-11-04 01:35 - 2025-11-04 01:35 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Quick Share.lnk
2025-11-02 15:12 - 2025-11-02 15:12 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webová aplikace Firefoxu
2025-10-28 10:54 - 2025-10-28 10:54 - 002932940 _____ C:\Users\hp\Downloads\VID-20251028-WA0008.mp4
2025-10-28 10:52 - 2025-10-28 10:52 - 039641329 _____ C:\Users\hp\Downloads\VID_20251028_094008_100751.mp4
2025-10-28 09:42 - 2025-10-28 09:46 - 039641329 _____ C:\Users\hp\Downloads\VID_20251028_094008.mp4
2025-10-27 00:46 - 2025-11-18 18:16 - 000000000 ____D C:\Users\hp\MATTING
2025-10-27 00:43 - 2025-10-27 00:45 - 000000000 ____D C:\ProgramData\Aiarty
2025-10-27 00:42 - 2025-11-18 18:20 - 000000000 ____D C:\Program Files (x86)\Aiarty

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-26 17:01 - 2023-08-27 09:44 - 000000000 ____D C:\FRST
2025-11-26 17:01 - 2022-10-17 20:10 - 000000000 ____D C:\Users\hp\AppData\Roaming\qBittorrent
2025-11-26 17:01 - 2022-01-16 00:22 - 000000000 ____D C:\ProgramData\Wondershare Filmora
2025-11-26 17:00 - 2024-03-17 21:35 - 000000000 ____D C:\Users\hp\AppData\Roaming\Everything
2025-11-26 16:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-11-26 16:16 - 2023-12-04 03:52 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-11-26 16:05 - 2021-01-14 11:57 - 000000000 ___SD C:\Users\hp\AppData\Roaming\Microsoft\Credentials
2025-11-26 14:36 - 2023-07-01 10:42 - 000000000 ____D C:\Users\hp\AppData\Roaming\audacity
2025-11-26 14:33 - 2021-01-17 10:08 - 000000000 ____D C:\Users\hp\AppData\Local\D3DSCache
2025-11-26 14:30 - 2021-03-15 19:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-11-26 14:30 - 2021-03-11 17:14 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-11-26 14:30 - 2021-03-11 17:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-11-26 11:58 - 2024-09-20 09:32 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2025-11-26 10:37 - 2025-06-18 01:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-11-26 04:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-11-26 04:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-11-26 04:00 - 2024-03-18 04:00 - 000000000 ____D C:\Users\hp\AppData\Local\Everything
2025-11-25 23:08 - 2021-01-16 21:43 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Word
2025-11-23 10:13 - 2022-10-06 12:21 - 000000000 ____D C:\Users\hp\Documents\Zdravotní dokumentace
2025-11-22 14:39 - 2025-06-18 01:40 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-11-22 14:39 - 2025-06-18 01:40 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-11-22 12:32 - 2021-01-29 01:23 - 000000000 ____D C:\Users\hp\AppData\Roaming\vlc
2025-11-22 03:40 - 2023-01-16 22:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-22 03:40 - 2023-01-16 22:00 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-11-21 10:08 - 2024-12-21 07:58 - 000333479 _____ C:\Users\hp\Desktop\urget páteř Motol 28.2.2023.pdf
2025-11-21 04:14 - 2021-03-02 10:13 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Excel
2025-11-21 04:10 - 2025-06-18 01:41 - 001693204 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-11-21 04:10 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2025-11-21 04:10 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2025-11-21 04:10 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-11-21 04:07 - 2021-01-16 09:01 - 000000000 ____D C:\Users\hp\AppData\Local\Google
2025-11-21 04:06 - 2025-06-18 01:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-11-21 04:06 - 2021-02-07 20:19 - 000000000 ____D C:\ProgramData\NVIDIA
2025-11-21 04:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-11-21 04:05 - 2025-07-10 02:03 - 000008192 ___SH C:\DumpStack.log.tmp
2025-11-21 04:05 - 2021-03-21 22:01 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-11-21 04:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-11-21 01:34 - 2021-01-16 09:01 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-11-21 01:34 - 2021-01-16 09:01 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-11-20 21:10 - 2021-01-16 18:36 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2025-11-18 23:57 - 2021-03-21 22:01 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-11-18 21:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-11-18 20:40 - 2021-11-09 14:02 - 000000000 ____D C:\Users\hp\AppData\Roaming\Mp3tag
2025-11-18 18:17 - 2025-07-24 06:12 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-11-18 18:17 - 2025-07-24 06:12 - 000002293 _____ C:\Users\Public\Desktop\Brave.lnk
2025-11-18 18:16 - 2023-04-17 11:39 - 000000000 ____D C:\ProgramData\Package Cache
2025-11-18 15:06 - 2023-10-04 10:04 - 000000000 ____D C:\Users\hp\AppData\Local\Package Cache
2025-11-18 14:23 - 2022-10-17 20:10 - 000000000 ____D C:\Users\hp\AppData\Local\qBittorrent
2025-11-18 14:15 - 2021-01-14 11:57 - 000000000 ____D C:\Users\hp\AppData\Local\Packages
2025-11-18 14:15 - 2021-01-14 11:57 - 000000000 ____D C:\ProgramData\Packages
2025-11-18 01:00 - 2021-01-14 10:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-11-17 00:51 - 2025-09-28 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2025-11-17 00:51 - 2025-03-16 21:43 - 000000000 ____D C:\Program Files\MPC-HC
2025-11-17 00:47 - 2021-01-26 22:13 - 000000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics
2025-11-14 11:10 - 2024-06-18 19:09 - 000000000 ____D C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2025-11-13 01:45 - 2025-06-18 01:33 - 005533456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-11-13 01:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Portable Devices
2025-11-13 01:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2025-11-13 01:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-11-13 01:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2025-11-13 01:44 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2025-11-13 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-11-13 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-11-13 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-11-13 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-11-13 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-11-12 10:18 - 2025-06-18 01:35 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-11-12 10:12 - 2021-01-17 01:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-11-12 10:07 - 2021-01-17 01:57 - 215625816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-11-12 03:34 - 2021-01-16 09:01 - 000000000 ____D C:\Program Files (x86)\Google
2025-11-04 01:35 - 2025-07-06 13:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Google
2025-11-04 01:35 - 2021-01-16 09:01 - 000000000 ____D C:\Program Files\Google
2025-10-30 09:20 - 2024-02-11 19:02 - 000000000 ____D C:\Users\hp\Documents\Recepty
2025-10-27 00:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-10-27 00:46 - 2025-06-18 01:22 - 000000000 ____D C:\Users\hp

==================== Files in the root of some directories ========

2024-05-09 22:11 - 2024-05-09 22:11 - 000195296 _____ () C:\Users\hp\comcat5.dll
2021-03-01 11:31 - 2021-03-01 11:31 - 000000207 _____ () C:\Users\hp\AppData\Roaming\DESKTOP-V512I58.MTBF.txt
2025-10-03 10:09 - 2025-10-03 10:09 - 000000028 _____ () C:\Users\hp\AppData\Roaming\epm_user.ini
2021-10-01 16:17 - 2023-07-22 11:50 - 000099384 _____ () C:\Users\hp\AppData\Roaming\inst.exe
2021-01-18 09:00 - 2021-01-19 10:30 - 002106893 _____ () C:\Users\hp\AppData\Roaming\langInstall.exe
2021-10-01 16:17 - 2023-07-22 11:50 - 000007859 _____ () C:\Users\hp\AppData\Roaming\pcouffin.cat
2021-10-01 16:17 - 2023-07-22 11:50 - 000001167 _____ () C:\Users\hp\AppData\Roaming\pcouffin.inf
2021-10-01 16:17 - 2023-07-22 11:50 - 000082816 _____ (VSO Software) C:\Users\hp\AppData\Roaming\pcouffin.sys
2022-11-22 09:51 - 2025-03-07 22:50 - 000007607 _____ () C:\Users\hp\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by hp (26-11-2025 17:03:08)
Running from C:\Users\hp\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.6575 (X64) (2025-06-18 00:41:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4110395000-121095619-2023355872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4110395000-121095619-2023355872-503 - Limited - Disabled)
Guest (S-1-5-21-4110395000-121095619-2023355872-501 - Limited - Disabled)
hp (S-1-5-21-4110395000-121095619-2023355872-1001 - Administrator - Enabled) => C:\Users\hp
WDAGUtilityAccount (S-1-5-21-4110395000-121095619-2023355872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\uTorrent) (Version: 3.5.5.46206 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
Abrosoft FantaMorph 5.4.8 (HKLM-x32\...\Abrosoft FantaMorph_is1) (Version: 5.4.8 - Abrosoft)
Adios - Shudown Timer version 1.2.8.8 (HKLM-x32\...\{54828AC4-6EA5-4DBF-853C-D02DCBE4C0DF}_is1) (Version: 1.2.8.8 - Bernd Haendel)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
AnyMP4 Video Converter Ultimate 8.5.20 (HKLM-x32\...\{B77ACAAE-53EE-43c3-86F1-4AEA52F6CDD5}_is1) (Version: 8.5.20 - AnyMP4 Studio)
ApowerMirror V1.5.9.9 (HKLM-x32\...\{a9482532-9c34-478c-80c3-85bdccbb981f}_is1) (Version: 1.5.9.9 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Aspell 0.6 Dictionary (Language: cs) (HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\Aspell6-Dictionary-cs) (Version: - )
Audacity 3.7.0 (HKLM\...\Audacity_is1) (Version: 3.7.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 142.1.84.141 - Autoři prohlížeče Brave)
BurnInTest v8.1 Pro (HKLM\...\BurnInTest_is1) (Version: 8.1.1001.0 - Passmark Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
CrystalDiskInfo 8.9.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Documentation Manager (HKLM\...\{C8ACA6BC-A7AF-4FAA-AE86-90E4AB2535C4}) (Version: 23.20.0.4 - Intel Corporation) Hidden
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Everything 1.5.0.1400a (x64) (HKLM\...\Everything 1.5a) (Version: 1.5.0.1400 - voidtools)
FFmpeg 5.0.0 for Audacity - x86_64 (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FormatFactory 3.00 (HKLM-x32\...\FormatFactory) (Version: 3.00 - Free Time)
Google Earth Pro (HKLM\...\{8D42B7EA-0BF8-4E13-B646-652FE578F998}) (Version: 7.3.6.10441 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 142.0.7444.176 - Google LLC)
HandBrake 1.9.0 (HKLM-x32\...\HandBrake) (Version: 1.9.0 - )
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Chrome Remote Desktop Host (HKLM-x32\...\{55E2698F-22F7-4AAF-8F5B-5CB55252BB37}) (Version: 143.0.7499.7 - Google LLC)
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Intel® Software Installer (HKLM-x32\...\{48d2407e-bac9-4790-8956-80a8f0f7b142}) (Version: 22.250.1.2 - Intel Corporation) Hidden
Intel® Software Installer (HKLM-x32\...\{acc5d32f-fbf7-4d75-8943-2f70e698123d}) (Version: 23.20.0.4 - Intel Corporation) Hidden
InternetOff 3.0, 32\64 bit edition (HKLM-x32\...\InternetOff_is1) (Version: - Crystal Rich, Ltd)
IrfanView 4.70 (64-bit) (HKLM\...\IrfanView64) (Version: 4.70 - Irfan Skiljan)
IsoBuster [32bit] (HKLM-x32\...\IsoBuster_is1) (Version: 5.1 - Smart Projects)
K-Lite Codec Pack 18.6.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 18.6.0 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{7DED818B-F556-4115-9CC0-ACE3F614CE63}) (Version: 4.0.2410.23001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kutools for Word (HKLM-x32\...\{7219A63B-3059-47AD-9EA8-0A645A0A05BE}) (Version: 15.00.00 - ExtendOffice.com) Hidden
Kutools for Word (HKLM-x32\...\Kutools for Word 15.00.00) (Version: 15.00.00 - ExtendOffice.com)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Media Preview (HKLM\...\{52AFC3E1-0FAA-4C05-88FF-373911EA68F5}) (Version: 1.4.3.429 - BabelSoft)
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 142.0.3595.94 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 142.0.3595.94 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Volume - cs-cz) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.14205 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33816 (HKLM-x32\...\{77169412-f642-45e7-b533-0c6f48de12f9}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33816 (HKLM-x32\...\{4373d0b5-4457-4a80-bad9-029de8df097b}) (Version: 14.40.33816.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33816 (HKLM\...\{5904914B-9FC8-44C2-AE48-5C7F30A603EC}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33816 (HKLM\...\{560D2DA4-096E-4868-B22A-DA6418FDE6FB}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33816 (HKLM-x32\...\{0DF1D9F9-6038-4641-AB6D-13DD654758A7}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33816 (HKLM-x32\...\{D7A66DA5-B103-45C1-A0A7-736C08E2F464}) (Version: 14.40.33816 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox) (Version: 145.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.4.0 - Mozilla)
Mozilla Thunderbird ESR (x64 cs) (HKLM\...\Mozilla Thunderbird 140.5.0 ESR (x64 cs)) (Version: 140.5.0 - Mozilla)
MP3Resizer 1.8.3 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Mp3tag v3.11 (HKLM-x32\...\Mp3tag) (Version: 3.11 - Florian Heidenreich)
MPC-HC 2.5.5 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 2.5.5 - MPC-HC Team)
NAPS2 (HKLM\...\NAPS2 - Not Another PDF Scanner_is1) (Version: 7.5.3 - NAPS2 Software)
NVIDIA App 11.0.4.159 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.4.159 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 581.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 581.63 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\PhotoFiltre Studio X) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Python 3.13.0 Core Interpreter (64-bit) (HKLM\...\{92D06D2A-683D-4E16-8ACC-E7F7FC30AB32}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Development Libraries (64-bit) (HKLM\...\{71542EB9-2FED-406F-9CB7-027ABBD8BBDB}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Documentation (64-bit) (HKLM\...\{D0B9B0AE-74FD-4CA6-9404-91F0433C6CB2}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Executables (64-bit) (HKLM\...\{006F742B-DED7-478D-93DD-4B975444DABE}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 pip Bootstrap (64-bit) (HKLM\...\{1239D9CA-8A9B-4A20-8361-0C6990D08FD8}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Standard Library (64-bit) (HKLM\...\{09D95048-E91D-4F33-9197-1182FCA17B16}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Tcl/Tk Support (64-bit) (HKLM\...\{C8DC7BA8-9A89-42A6-9ACA-04ACA6448612}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
Python 3.13.0 Test Suite (64-bit) (HKLM\...\{D1F9D9AE-E7E2-48AA-BA3A-6E760D2B5F7D}) (Version: 3.13.150.0 - Python Software Foundation) Hidden
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.1.0 - The qBittorrent project)
Quick Share (HKLM\...\{0B3A0BA3-6484-4A07-AB71-2D8821C8E925}) (Version: 1.0.2399.1 - Google LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 5.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.0 - VS Revo Group, Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.36 - HP Inc.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.02.34 (14.04.2021) - HP Development Company, L.P.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
Snagit 12 (HKLM-x32\...\{BDFD9ADC-3F97-4A8A-A533-987B21776449}) (Version: 12.4.0 - TechSmith Corporation) Hidden
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 10.0.0.0 - Stellar Information Technology Pvt Ltd.)
Subtitle Edit 3.6.1 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.1.0 - Nikse)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 11.03 - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.03 - Ghisler Software GmbH)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.8 - Samsung Electronics CO., LTD.)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
USB Safely Remove 7.1 (HKLM-x32\...\USB Safely Remove_is1) (Version: 7.1.2.1327 - Crystal Rich Ltd)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
Windows Driver Package - Qualcomm Atheros Communications (AthBTPort) BluetoothVirtual (06/22/2016 4.0.0.688) (HKLM\...\01069D6802A68D1F83307E6BCAE2264CE16C91D4) (Version: 06/22/2016 4.0.0.688 - Qualcomm Atheros Communications)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Wise Folder Hider (HKLM-x32\...\Wise Folder Hider_is1) (Version: 4.4.3 - WiseCleaner.com, Inc.)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)

Chrome apps:
============
Správce hesel Google (HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\3efb3d139e32b2fe76a48c4f1dc6980a) (Version: 1.0 - Google\Chrome)
Vzdálená plocha Chrome (HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\17f05f6a5acc4ab9be346ee2a80a4569) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.22.35.0_x64__ynb6jyjzte8ga [2025-11-13] (Adobe Inc.) [Startup Task]
Aliexpres SALE -> C:\Program Files\WindowsApps\l.corp.ALIEXPRESSSALE_7.0.7.0_x64__wmejf3b8kpde4 [2025-06-18] (AU MFC VMP)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.27.5760.0_x64__rz1tebttyb220 [2025-11-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-12-21] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2024-12-21] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_162.2.1122.0_x64__v10z8vjag6ke6 [2025-11-26] (HP Inc.)
iVysílání -> C:\Program Files\WindowsApps\Ceskatelevize.iVysln_1.2.0.0_x64__ndqbq1wc819cy [2024-12-21] (Ceska televize)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.8.11051.0_x64__8wekyb3d8bbwe [2025-11-14] (Microsoft Studios)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.4012.0_x64__8wekyb3d8bbwe [2025-09-17] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-12-21] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2025-11-09] (NVIDIA Corp.)
Python Install Manager -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.PythonManager_25.0.240.0_x64__3847v3x7pw1km [2025-11-18] (Python Software Foundation)
Quick Share -> C:\Program Files\Google\NearbyShare [2025-11-04] (Google LLC)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0 [2025-11-22] (Spotify AB) [Startup Task]
The Northern Lights -> C:\Program Files\WindowsApps\Microsoft.TheNorthernLights_1.0.0.0_neutral__8wekyb3d8bbwe [2024-12-21] (Microsoft Corporation)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2025-01-16] (Bytedance Pte. Ltd.)
TikTok -> C:\Program Files\WindowsApps\www.tiktok.com-4C63E479_1.0.5.1_neutral__s5gx0acfdhdxa [2024-12-21] (www.tiktok.com)
WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.675.1142.0_x64__8wekyb3d8bbwe [2025-11-18] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.675.1142.0_x64__8wekyb3d8bbwe [2025-11-18] (Microsoft Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{05a1ff18-75e3-4f07-8900-b99d53b103f3}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{19230D16-6A9E-A74A-926A-B707B3576E0A}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{4211C739-4137-470C-BE6A-2AE9D710DB53}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll => No File
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.14205\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2021-04-14] (HP Development Company, L.P.) [File not signed]
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2015-06-16] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-10-29] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 12\DLLx64\SnagitShellExt64.dll [2015-06-16] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_28c1ca1ab551c546\nvshext.dll [2025-11-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll -> No File
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers2_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers4_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers5_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506312 2020-06-29] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\hp\Desktop\Práce - Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\hp\Desktop\Správce hesel Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\hp\Desktop\TikTok.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc --app-url=hxxps://www.tiktok.com/foryou --app-launch-source=4
ShortcutWithArgument: C:\Users\hp\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__nlalbmkafgmoifbeooblidblkmlhhpnc\TikTok.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc --app-url=hxxps://www.tiktok.com/foryou --app-launch-source=4
ShortcutWithArgument: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Správce hesel Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cmkncekebbebpfilplodngbpllndjkfo\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webová aplikace Firefoxu\Facebook.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "-taskbar-tab" "d0190841-79a7-41d5-90cf-9027c7c7d8e9" "-new-window" "hxxps://www.facebook.com/?ref=homescreenpwa" "-profile" "C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release" "-container" "0"
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Správce hesel Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Facebook.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "-taskbar-tab" "d0190841-79a7-41d5-90cf-9027c7c7d8e9" "-new-window" "hxxps://www.facebook.com/?ref=homescreenpwa" "-profile" "C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\icbt817x.default-release" "-container" "0"
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Správce hesel Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\hp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo

==================== Loaded Modules (Whitelisted) =============

2015-06-16 16:50 - 2015-06-16 16:50 - 002099200 _____ () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\opencv_core249.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 001914368 _____ () [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\opencv_imgproc249.dll
2014-04-12 22:34 - 2014-04-12 22:34 - 006527488 _____ () [File not signed] C:\Program Files\Media Preview\avcodec-mp-55.dll
2014-04-12 22:34 - 2014-04-12 22:34 - 001059840 _____ () [File not signed] C:\Program Files\Media Preview\avformat-mp-55.dll
2014-04-12 22:34 - 2014-04-12 22:34 - 000387584 _____ () [File not signed] C:\Program Files\Media Preview\avutil-mp-52.dll
2014-03-24 01:47 - 2014-03-24 01:47 - 000279040 _____ () [File not signed] C:\Program Files\Media Preview\libpng16.dll
2014-04-12 22:34 - 2014-04-12 22:34 - 000460288 _____ () [File not signed] C:\Program Files\Media Preview\swscale-mp-2.dll
2014-03-23 23:06 - 2014-03-23 23:06 - 000134144 _____ () [File not signed] C:\Program Files\Media Preview\zlib.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 000403968 _____ () [File not signed] C:\Program Files\MPC-HC\LAVFilters64\libbluray.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 000322560 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\LAVAudio.ax
2025-11-17 00:51 - 2025-10-31 08:00 - 000667136 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\LAVSplitter.ax
2025-11-17 00:51 - 2025-10-31 08:00 - 001259008 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\LAVVideo.ax
2014-04-12 23:33 - 2014-04-12 23:33 - 000323072 _____ (BabelSoft) [File not signed] C:\Program Files\Media Preview\VideoPreview.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 015763020 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avcodec-lav-62.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 000255052 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avfilter-lav-11.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 005603404 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avformat-lav-62.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 001087564 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\avutil-lav-60.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 000124492 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\swresample-lav-6.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 001015372 _____ (FFmpeg Project) [File not signed] C:\Program Files\MPC-HC\LAVFilters64\swscale-lav-9.dll
2021-10-29 16:44 - 2021-10-29 16:44 - 000466944 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2025-06-10 18:21 - 2021-04-14 10:11 - 000586240 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\System32\NetFaxPort64.dll
2025-06-10 18:21 - 2021-04-14 10:09 - 001050112 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxDataBase64.dll
2025-06-10 18:21 - 2021-04-14 10:10 - 001863680 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxEngine64.dll
2025-06-10 18:21 - 2021-04-14 10:10 - 000193024 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll
2025-06-10 18:21 - 2021-04-14 10:09 - 000324608 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxUser64.dll
2025-06-10 18:21 - 2021-04-14 10:10 - 000146944 _____ (HP Development Company, L.P.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\NetFaxProc64.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 000480256 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\libhunspell.dll
2025-11-17 00:51 - 2024-02-15 15:18 - 000180224 _____ (Idol Software) [File not signed] C:\Program Files\MPC-HC\CrashReporter\crashrpt.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 000066192 ____R (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\LFJbg15U.DLL
2015-06-16 16:50 - 2015-06-16 16:50 - 000126096 ____R (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\LFPng15U.DLL
2015-06-16 16:50 - 2015-06-16 16:50 - 000212112 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\Ltimgclr15u.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 000208016 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\Ltimgefx15u.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 000134288 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\Ltimgutl15u.dll
2015-06-16 16:50 - 2015-06-16 16:50 - 000122000 _____ (LEAD Technologies, Inc -> LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\Lttwn15u.dll
2025-11-17 00:51 - 2020-05-28 16:43 - 004296704 _____ (Microsoft Corporation) [File not signed] C:\Program Files\MPC-HC\d3dcompiler_47.dll
2021-01-16 21:26 - 2021-01-16 21:26 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-01-16 21:26 - 2021-01-16 21:26 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2025-11-17 00:51 - 2025-10-31 08:00 - 000186880 _____ (MPC-HC Team) [File not signed] C:\Program Files\MPC-HC\Lang\mpcresources.cs.dll
2025-07-02 13:53 - 2025-07-02 13:53 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA App\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\plugins\NVIDIA Overlay\MessageBusRouter.dll
2025-07-02 13:53 - 2025-07-02 13:53 - 000000000 ___JL (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2015-06-16 17:05 - 2015-06-25 19:27 - 006934848 _____ (TechSmith Corporation -> TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\SnagItEditorRes.dll
2015-06-16 17:05 - 2015-06-28 10:13 - 004794688 _____ (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\SnagItres.dll
2015-06-16 17:03 - 2015-06-16 17:03 - 000165888 _____ (TechSmith Corporation) [File not signed] C:\Program Files (x86)\TechSmith\Snagit 12\TSCREC3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-01-14 10:42 - 2024-03-15 01:43 - 000000307 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 https://gasurvey.gemius.com/recruiting/ ... 0460910135

2023-08-22 21:28 - 2025-09-16 15:45 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-V512I58.mshome.net # 2030 7 5 5 14 1 34 327

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 31.30.90.11 - 31.30.90.12
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: ASIX USB to Gigabit Ethernet Family Adapter -> AxUsbEth.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 3168 -> Netwtw04.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4110395000-121095619-2023355872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hp\Pictures\window10.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\StartupFolder: => "hpqtra08.exe"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\StartupFolder: => "ShutdownTimer.lnk"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "qBittorrent"
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F072E8F080C5A31FE150A3CA4B35FB6A"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D860E858-C11D-4EF1-A2F3-1C5A191AC95F}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{FE16B713-2598-42FD-A78F-324C8AEB5FEF}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{EAC81E0E-4E95-42A6-B869-329B3C22BE62}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{05750999-EDC1-4F33-9323-2E44013A579E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E8664508-098E-4F2E-B4D3-2B1F2385BE29}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{A26C16D7-5AD6-4871-85B6-C74D8E58CA15}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{43E63E7F-1F47-4D88-B0A6-3239FBA074A1}C:\program files\naps2\naps2.exe] => (Block) C:\program files\naps2\naps2.exe (NAPS2 Software -> NAPS2)
FirewallRules: [TCP Query User{1F5D4B92-E9B8-463B-9D42-3D3A11631324}C:\program files\naps2\naps2.exe] => (Block) C:\program files\naps2\naps2.exe (NAPS2 Software -> NAPS2)
FirewallRules: [{D06570D0-0E65-430C-AFDA-840C89E4F3E2}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{903DCA13-94FD-4934-B7AC-61A6ED833875}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [UDP Query User{7DE608D8-3116-4BE2-BE8E-3F366FFF750E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E3258870-2BB3-4630-8792-57D6BF86EA8D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{E7CAA71A-5363-450F-B4BC-A41E46869C16}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6FAEF4C6-C02C-4D94-BB6F-65B310804A98}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{F633D7EE-B2E9-4FA9-A8CE-1E642A041CA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CDA95A66-D8A6-4932-8CF2-2A94DE44DAAF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1AEB5222-EA0B-4AFC-B693-40970ECEC367}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{519F9B3C-CE9F-4A4C-A0E4-E6D30DD9700A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{3B0EB794-14EE-445E-8CC8-65EDEA845B69}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{2BA129FC-3EB8-4CE1-B36F-B453B2C58D17}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D24B6855-1C60-40E6-A536-59CB57BB27FC}] => (Block) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group Ltd. -> VS Revo Group)
FirewallRules: [{C779F467-069A-4BB3-8B6E-66FB298963FC}] => (Block) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe (VS Revo Group Ltd. -> VS Revo Group)
FirewallRules: [{D11023DC-EEB0-4240-AE3C-4E62B3D0F6FC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D872EE71-988F-435D-91CC-F3C0D2BD5AAB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{D3FA5104-3677-4D84-98B7-221AC2EF056E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{6EDC8A59-4A8F-4E6E-8ED0-F969352316D3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{5EC05BFE-D614-4BC6-93CB-1C0D43B324E7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Development Company, L.P.) [File not signed]
FirewallRules: [{C101C695-69C3-4D59-888E-B4C92A73E40E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0C7E4EDE-9CBA-45BF-B477-F3F0659449CD}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{88026862-240F-4AE6-BFAE-9366462F64A0}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{75BCCB7C-5AF3-4782-8FF1-06124353BC4F}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{023019D5-23D1-4EDB-A32A-EA80760D7EDA}] => (Allow) LPort=57209
FirewallRules: [{3A8DB3FA-73D9-40A4-88B7-2B40D210A1A2}] => (Allow) LPort=57209
FirewallRules: [{6C570EBA-1756-4701-9DDE-FCB1CE0FFA48}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [UDP Query User{4C1A79D9-B1A6-48E9-B87A-C565F400A4B1}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{40808B03-6346-4BF9-82F5-128FAD13BF3F}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E59FA2BA-F2D5-4C1F-B20C-F640F40D0D76}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{25131BA1-383D-4EEF-8A65-772AD88E9F32}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{C1EE6046-6F91-40BF-9141-BF42EAB7673E}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2F95E6A6-EF0E-4B99-9FBA-FA0EEE15BD21}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{4AEF1025-A375-488B-91A3-1DC5A751DB34}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D60C7DC7-F6BE-4E71-B14F-39DE87837375}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{689AF843-A4F1-4AD2-B792-26572012A77F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2EE96C8F-9282-4316-8CA8-B3D8BC166615}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FAFA95E1-68AC-4746-8506-2946CC66690A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F684DBD3-FCC4-43D5-B26E-70D8ECEAA064}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C3EE6AD-04D1-4EA0-8E61-4264121EB308}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6A85BFC3-F27E-4B13-9056-A5E7A79C8094}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FDB098BF-1506-49D9-BDDF-50D75A2DE41C}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EDBFF13A-0E02-4E15-B731-985DBD3CE9D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E06B70AC-9F5B-4FE2-B178-D28A6322732F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E40ADB5-334A-41AE-A616-E89FC046AEB4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EEC9909B-3046-498F-A36A-98BCB92862D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2B79466-8370-4B6C-AE25-EBFAC2C134B6}] => (Allow) LPort=8298
FirewallRules: [TCP Query User{CAA970FD-8C12-4CDE-BC71-B70A8B10D53A}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
FirewallRules: [UDP Query User{F58B0E2D-855F-4EB6-BFA2-7DBF45F9D8F8}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
FirewallRules: [{5B85B711-905A-430F-8B7A-D0CE59FFCBCC}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
FirewallRules: [{0BA6C685-BD26-45C1-B182-4A1F9C0D5D27}] => (Allow) C:\Program Files\Google\NearbyShare\nearby_share.exe (Google LLC -> Google)
FirewallRules: [{C4AF9787-FA50-47DB-8688-C24FC832A489}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\143.0.7499.7\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{D1B21A1A-8011-476D-96D7-92D55D1F0E24}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{AF190915-2CD6-4C23-A7E7-1966403F1AA2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3FF16D97-E1A1-4159-AC0D-863C53FB67D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{085FF1AF-8EEF-483D-A1AC-9C19336F7755}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{32880FAF-57FF-4E81-93E4-BAD9E9A19AA6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F6332E0F-65F1-4FD4-9461-3F1CC171D9B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{12227ECD-41F1-4A13-AE57-88832547056E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6511F192-3472-4CA5-977E-133B283644B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{659DB473-6280-4B3C-BE1A-BF452DB410EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A95AA10-F498-4856-B2B9-DE6E5A103B7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FFF0A87F-FA14-42BD-8506-F7F54832FCF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6D8A1067-13C9-458D-919E-A394F1A1DFA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{663454F5-3DDD-45EE-B7B7-A59C58164984}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AAA8D718-A548-44B2-8CC3-B9E357B8ACF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7BDC3544-A22F-4736-90CF-A0CA14DC7D3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.277.358.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

23-11-2025 19:00:23 Windows Zálohování

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/26/2025 02:30:50 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (11/26/2025 02:30:50 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (11/26/2025 02:20:32 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/21/2025 10:04:42 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/21/2025 10:24:52 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/20/2025 09:10:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PhoneExperienceHost.exe, verze: 1.25072.79.0, časové razítko: 0x68a40000
Název chybujícího modulu: Microsoft.UI.Xaml.dll, verze: 3.1.7.0, časové razítko: 0x1822598a
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000039ce55
ID chybujícího procesu: 0x36a8
Čas spuštění chybující aplikace: 0x01dc5753c5fd220e
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25072.79.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.7_7000.676.1651.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
ID zprávy: 7e1f0dba-1f2d-4fa9-a365-5480ef6d585f
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.25072.79.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (11/20/2025 03:28:27 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (H:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/20/2025 03:28:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (11/26/2025 04:14:49 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRD29V9-MICROSOFT.MICROSOFTOFFICEHUB.

Error: (11/24/2025 09:01:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRD29V9-MICROSOFT.MICROSOFTOFFICEHUB.

Error: (11/24/2025 04:55:02 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk5\DR17 má chybný blok.

Error: (11/24/2025 04:54:58 PM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk5\DR17 má chybný blok.

Error: (11/24/2025 04:48:22 PM) (Source: Virtual Disk Service) (EventID: 10) (User: )
Description: Během operace čištění se službě VDS nezdařilo na disk zapsat spouštěcí kód. Kód chyby: 80070015@02070008

Error: (11/24/2025 04:48:00 PM) (Source: Virtual Disk Service) (EventID: 10) (User: )
Description: Během operace čištění se službě VDS nezdařilo na disk zapsat spouštěcí kód. Kód chyby: 80070015@02070008

Error: (11/23/2025 09:46:55 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume23 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (11/23/2025 09:10:57 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume20 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.


Windows Defender:
================
Date: 2025-11-26 01:31:48
Description:
Antivirová ochrana v programu Microsoft Defender šċąή ħаѕ ъёёи ѕťθрρёð ьеƒθяė ĉõмρļěťīθή.%ŋ %тŜċăи ΪÐ:%в{2B923BC2-F5E8-452E-8615-EC1E24FF4D95}%й %ťŠ¢ąņ Ťŷрέ:%ьAntimalwarový program%й %ţŚćдл Ρдгâmεтзřš:%вRychlé prohledávání%й %ŧŪšёг:%вNT AUTHORITY\SYSTEM%и %ŧŚтθр Ŗēαŝøŋ:%ъŠčђёďûľзδ śćªŋ шâš şќïрφėð ьє¢аűšέ ŧħë ŀåşŧ śцčċεśšƒцļ ѕčαη щăś ώίŧнΐп ťћз ļąšт 7 ďдỳş

Date: 2025-11-25 01:55:01
Description:
Antivirová ochrana v programu Microsoft Defender šċąή ħаѕ ъёёи ѕťθрρёð ьеƒθяė ĉõмρļěťīθή.%ŋ %тŜċăи ΪÐ:%в{E3D095F1-9D96-4649-A1FD-F111B90B1F87}%й %ťŠ¢ąņ Ťŷрέ:%ьAntimalwarový program%й %ţŚćдл Ρдгâmεтзřš:%вRychlé prohledávání%й %ŧŪšёг:%вNT AUTHORITY\SYSTEM%и %ŧŚтθр Ŗēαŝøŋ:%ъŠčђёďûľзδ śćªŋ шâš şќïрφėð ьє¢аűšέ ŧħë ŀåşŧ śцčċεśšƒцļ ѕčαη щăś ώίŧнΐп ťћз ļąšт 7 ďдỳş

Date: 2025-11-24 02:06:03
Description:
Antivirová ochrana v programu Microsoft Defender šċąή ħаѕ ъёёи ѕťθрρёð ьеƒθяė ĉõмρļěťīθή.%ŋ %тŜċăи ΪÐ:%в{A9ED4136-C752-4FAB-8F02-E7F719511482}%й %ťŠ¢ąņ Ťŷрέ:%ьAntimalwarový program%й %ţŚćдл Ρдгâmεтзřš:%вRychlé prohledávání%й %ŧŪšёг:%вNT AUTHORITY\SYSTEM%и %ŧŚтθр Ŗēαŝøŋ:%ъŠčђёďûľзδ śćªŋ шâš şќïрφėð ьє¢аűšέ ŧħë ŀåşŧ śцčċεśšƒцļ ѕčαη щăś ώίŧнΐп ťћз ļąšт 7 ďдỳş

Date: 2025-11-23 23:22:12
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Vigua.A
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_H:\Stažené soubory C\TechSmith Snagit v2023.0.2 Build 24665 (x64)\TechSmithSnagit2023.0.2Build24665x64.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-V512I58\hp
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.441.432.0, AS: 1.441.432.0, NIS: 1.441.432.0
Verze modulu: AM: 1.1.25100.9002, NIS: 1.1.25100.9002

Date: 2025-11-23 19:35:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Packunwan
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_\Device\HarddiskVolumeShadowCopy8\Users\hp\AppData\Local\Turbo.net\Sandbox\Wondershare Filmora 11\11.5.7\local\modified\@APPDATALOCAL@\Wondershare\Wondershare Filmora\11.5.9.579\FFWsRegister.dll
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.441.432.0, AS: 1.441.432.0, NIS: 1.441.432.0
Verze modulu: AM: 1.1.25100.9002, NIS: 1.1.25100.9002
Event[0]:

Date: 2025-10-05 22:27:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!pz
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Users\hp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070013
Popis chyby: Médium je chráněno proti zápisu.
Verze bezpečnostních informací: AV: 1.437.328.0, AS: 1.437.328.0, NIS: 1.437.328.0
Verze modulu: AM: 1.1.25080.5, NIS: 1.1.25080.5

Date: 2025-10-05 22:26:43
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_H:\Software\AnyMP4 Video Converter Ultimate\8.5.20\Patch\Patch.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Users\hp\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070013
Popis chyby: Médium je chráněno proti zápisu.
Verze bezpečnostních informací: AV: 1.437.328.0, AS: 1.437.328.0, NIS: 1.437.328.0
Verze modulu: AM: 1.1.25080.5, NIS: 1.1.25080.5

Date: 2025-10-04 10:01:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable.7z; containerfile:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar; containerfile:_F:\SOFTWARE\IncrediMail 6.29 build 5036 CZ Premium\Incredimail 6.29_5036 + čeština.rar; containerfile:_F:\SOFTWARE\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar; file:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable.7z->Infix PDF Editor Pro v7.6.6 Multilingual Portable/Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; file:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; file:_F:\SOFTWARE Z E\uTorrent Pro 3.5.5 Build 45311 [CRACK]\uTorrent Pro 3.5.5 Build 45311 [CRACK]\Pro.rar; file:_F:
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-V512I58\hp
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070013
Popis chyby: Médium je chráněno proti zápisu.
Verze bezpečnostních informací: AV: 1.437.307.0, AS: 1.437.307.0, NIS: 1.437.307.0
Verze modulu: AM: 1.1.25080.5, NIS: 1.1.25080.5

Date: 2025-10-04 09:45:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS!pz
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar; containerfile:_I:\SOFTWARE\Soft2025 flash\Microsoft Office 2010 Professional Plus CZ 64bit.rar; file:_F:\SOFTWARE Z E\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE Z E\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar->Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\MS OFFICE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Office 2010 Toolkit.exe; file:_H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_I:\SOFTWARE\Microsoft Office 2013 Professional Plus CZ x86\Microsoft Toolkit stable 2.4.1\Microsoft Toolkit.exe; file:_I:\SOFTWARE\Soft2025 flash\Microsoft Office 2010 Professio
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-V512I58\hp
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070013
Popis chyby: Médium je chráněno proti zápisu.
Verze bezpečnostních informací: AV: 1.437.307.0, AS: 1.437.307.0, NIS: 1.437.307.0
Verze modulu: AM: 1.1.25080.5, NIS: 1.1.25080.5

CodeIntegrity:
===============
Date: 2025-08-30 13:15:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: AMI F.26 10/25/2018
Motherboard: HP 82F1
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 50%
Total physical RAM: 16312.7 MB
Available physical RAM: 8114.13 MB
Total Virtual: 18744.7 MB
Available Virtual: 7460.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.26 GB) (Free:222.37 GB) (Model: SAMSUNG MZ7LN512HAJQ-00000) NTFS
Drive d: (Fotky Jana) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:54.12 GB) (Model: ST1000VN002-2EY102) NTFS
Drive f: (Elements) (Fixed) (Total:4657.49 GB) (Free:53.29 GB) (Model: WD Elements 2620 USB Device) NTFS
Drive g: () (Fixed) (Total:1862.89 GB) (Free:1725.14 GB) (Model: ADATA HD650 SCSI Disk Device) NTFS
Drive h: (Nový svazek) (Fixed) (Total:111.77 GB) (Free:61.78 GB) (Model: USB3.0 high speed USB Device) NTFS
Drive i: (Elements) (Fixed) (Total:3725.99 GB) (Free:58.55 GB) (Model: WD Elements 2621 USB Device) NTFS

\\?\Volume{f2416c34-388e-4f75-861c-0515b95dc246}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{45bb97ba-9d7d-435c-8d76-4f7753cbce91}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DE247BC7)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1273DDBF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 4657.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 4 (Size: 1863 GB) (Disk ID: 2AE809C7)

Partition: GPT.

==========================================================
Disk: 6 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119650
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: nestandardně se chová myš

#2 Příspěvek od Rudy »

Zdravím!
Určitě by nebylo od věci vyzkoušet jinou myš. Proč jste tu bluetooth myš alespoň na zkoušku nevypnul? Pamatuji i na virtus, který takto s myší hýbal. Jinak spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda.otta
Návštěvník
Návštěvník
Příspěvky: 538
Registrován: 25 bře 2005 21:21

Re: nestandardně se chová myš

#3 Příspěvek od jarda.otta »

# -------------------------------
# Malwarebytes AdwCleaner 8.6.0.613
# -------------------------------
# Build: 08-19-2025
# Database: 2025-08-19.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-27-2025
# Duration: 00:00:15
# OS: Windows 10 (Build 19045.6575)
# Scanned: 32083
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1840 octets] - [19/11/2024 11:17:46]
AdwCleaner[C00].txt - [1954 octets] - [19/11/2024 11:18:42]
AdwCleaner[S01].txt - [1542 octets] - [28/11/2024 16:09:58]
AdwCleaner[S02].txt - [1603 octets] - [07/12/2024 10:17:23]
AdwCleaner[S03].txt - [1664 octets] - [09/12/2024 02:31:51]
AdwCleaner[S04].txt - [1725 octets] - [20/12/2024 20:29:17]
AdwCleaner[S05].txt - [1786 octets] - [20/12/2024 20:35:41]
AdwCleaner[S06].txt - [1847 octets] - [20/12/2024 20:38:52]
AdwCleaner[S07].txt - [1908 octets] - [20/12/2024 20:49:18]
AdwCleaner[S08].txt - [2033 octets] - [19/02/2025 01:08:45]
AdwCleaner[C08].txt - [2234 octets] - [19/02/2025 01:17:23]
AdwCleaner[S09].txt - [2155 octets] - [19/02/2025 01:20:54]
AdwCleaner[C09].txt - [2356 octets] - [19/02/2025 01:21:39]
AdwCleaner[S10].txt - [2213 octets] - [25/02/2025 02:19:33]
AdwCleaner[S11].txt - [2274 octets] - [27/02/2025 00:07:45]
AdwCleaner[S12].txt - [2335 octets] - [06/03/2025 00:58:42]
AdwCleaner[S13].txt - [2398 octets] - [12/03/2025 00:19:43]
AdwCleaner[S14].txt - [2517 octets] - [09/08/2025 22:54:51]
AdwCleaner[C14].txt - [2687 octets] - [09/08/2025 22:57:28]
AdwCleaner[S15].txt - [2581 octets] - [11/08/2025 10:34:46]
AdwCleaner[S16].txt - [2642 octets] - [16/08/2025 01:38:24]
AdwCleaner[S17].txt - [2703 octets] - [16/08/2025 01:38:40]
AdwCleaner[S18].txt - [2764 octets] - [16/08/2025 08:44:39]
AdwCleaner[S19].txt - [2825 octets] - [24/08/2025 15:18:02]
AdwCleaner[S20].txt - [2886 octets] - [01/10/2025 10:39:04]
AdwCleaner[S21].txt - [2947 octets] - [03/10/2025 11:19:31]
AdwCleaner[S22].txt - [3008 octets] - [03/10/2025 11:19:48]
AdwCleaner[S23].txt - [3069 octets] - [09/10/2025 01:40:44]
AdwCleaner[S24].txt - [3130 octets] - [14/10/2025 00:07:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S25].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119650
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: nestandardně se chová myš

#4 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {BEC08388-EB31-472C-8A2C-552501FD5BA0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{19230D16-6A9E-A74A-926A-B707B3576E0A}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll => No File
ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll -> No File
ContextMenuHandlers1_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers2_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers4_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
ContextMenuHandlers5_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC9024FA2}] -> {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> No File
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
FirewallRules: [TCP Query User{CAA970FD-8C12-4CDE-BC71-B70A8B10D53A}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
FirewallRules: [UDP Query User{F58B0E2D-855F-4EB6-BFA2-7DBF45F9D8F8}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
H:\Stažené soubory C\TechSmith Snagit v2023.0.2 Build 24665 (x64)\TechSmithSnagit2023.0.2Build24665x64.exe
_\Device\HarddiskVolumeShadowCopy8\Users\hp\AppData\Local\Turbo.net\Sandbox\Wondershare Filmora 11\11.5.7\local\modified\@APPDATALOCAL@\Wondershare\Wondershare Filmora\11.5.9.579\FFWsRegister.dll
H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe
H:\Software\AnyMP4 Video Converter Ultimate\8.5.20\Patch\Patch.exe
F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable.7z; containerfile:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar; containerfile:_F:\SOFTWARE\IncrediMail 6.29 build 5036 CZ Premium\Incredimail 6.29_5036 + čeština.rar; containerfile:_F:\SOFTWARE\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar; file:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable.7z->Infix PDF Editor Pro v7.6.6 Multilingual Portable/Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; file:_F:\SOFTWARE Z E\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix PDF Editor Pro v7.6.6 Multilingual Portable\Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; file:_F:\SOFTWARE Z E\uTorrent Pro 3.5.5 Build 45311 [CRACK]\uTorrent Pro 3.5.5 Build 45311 [CRACK]\Pro.rar; file:_F:
F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar; containerfile:_I:\SOFTWARE\Soft2025 flash\Microsoft Office 2010 Professional Plus CZ 64bit.rar; file:_F:\SOFTWARE Z E\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE Z E\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar->Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\MS OFFICE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_F:\SOFTWARE\Office 2010 Toolkit.exe; file:_H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; file:_I:\SOFTWARE\Microsoft Office 2013 Professional Plus CZ x86\Microsoft Toolkit stable 2.4.1\Microsoft Toolkit.exe

EmptyTemp:
Hosts:

End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda.otta
Návštěvník
Návštěvník
Příspěvky: 538
Registrován: 25 bře 2005 21:21

Re: nestandardně se chová myš

#5 Příspěvek od jarda.otta »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by hp (27-11-2025 18:21:19) Run:5
Running from C:\Users\hp\Desktop
Loaded Profiles: hp
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

ZavřítProcesy:
C:\Program Files\Bonjour
HKLM\SYSTEM\...\Terminálový server: [fDenyTSConnections] = 0 <==== POZOR
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Omezení <==== POZOR
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\SOFTWARE\Policies\Microsoft\Edge: Omezení <==== POZOR
Úkol: {BEC08388-EB31-472C-8A2C-552501FD5BA0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Žádný soubor)
C:\DumpStack.log.tmp
Vlastní identifikátor CLS: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{19230D16-6A9E-A74A-926A-B707B3576E0A}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Žádný soubor
Vlastní identifikátor CLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll => Žádný soubor
ContextMenuHandlers6: [Rychlý průzkumník] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => C:\ProgramData\AllDup\FEShlExt.dll -> Žádný soubor
ContextMenuHandlers1_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor
ContextMenuHandlers2_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor
ContextMenuHandlers4_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor
ContextMenuHandlers5_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor
Alternativní datové proudy: C:\ProgramData\TEMP:1AAB2E68 [183]
FirewallRules: [TCP Query User{CAA970FD-8C12-4CDE-BC71-B70A8B10D53A}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
FirewallRules: [UDP Query User{F58B0E2D-855F-4EB6-BFA2-7DBF45F9D8F8}E:\stažené soubory\filetransfer.exe] => (Block) E:\stažené soubory\filetransfer.exe => No File
H:\Stažené soubory C\TechSmith Snagit v2023.0.2 Build 24665 (x64)\TechSmithSnagit2023.0.2Build24665x64.exe
_\Zařízení\HarddiskVolumeShadowCopy8\Uživatelé\hp\AppData\Local\Turbo.net\Sandbox\Wondershare Filmora 11\11.5.7\local\modified\@APPDATALOCAL@\Wondershare\Wondershare Filmora\11.5.9.579\FFWsRegister.dll
H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe
H:\Software\AnyMP4 Video Converter Ultimate\8.5.20\Patch\Patch.exe
F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný.7z; soubor kontejneru:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar; soubor kontejneru:_F:\SOFTWARE\IncrediMail 6.29 build 5036 CZ Premium\Incredimail 6.29_5036 + čeština.rar; soubor kontejneru:_F:\SOFTWARE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar; soubor:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný.7z->Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný/Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; soubor:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; soubor:_F:\SOFTWARE ZE\uTorrent Pro 3.5.5 Build 45311 [CRACK]\uTorrent Pro 3.5.5 Build 45311 [CRACK]\Pro.rar; soubor:_F:
F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar; kontejner_soubor:_I:\SOFTWARE\Soft2025 flash\Microsoft Office 2010 Professional Plus CZ 64bit.rar; soubor:_F:\SOFTWARE ZE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE ZE\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar->Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\MS OFFICE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Office 2010 Toolkit.exe; soubor:_H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_I:\SOFTWARE\Microsoft Office 2013 Professional Plus CZ x86\Microsoft Toolkit stable 2.4.1\Microsoft Toolkit.exe

Prázdná teplota:
Hostitelé:

Konec
*****************

ZavřítProcesy: => Error: No automatic fix found for this entry.

"C:\Program Files\Bonjour" Folder move:

C:\Program Files\Bonjour => moved successfully
HKLM\SYSTEM\...\Terminálový server: [fDenyTSConnections] = 0 <==== POZOR => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-4110395000-121095619-2023355872-1001\SOFTWARE\Policies\Microsoft\Edge => removed successfully
Úkol: {BEC08388-EB31-472C-8A2C-552501FD5BA0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Žádný soubor) => Error: No automatic fix found for this entry.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
Vlastní identifikátor CLS: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{19230D16-6A9E-A74A-926A-B707B3576E0A}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Žádný soubor => Error: No automatic fix found for this entry.
Vlastní identifikátor CLSID: HKU\S-1-5-21-4110395000-121095619-2023355872-1001_Classes\CLSID\{72F6A03F-7B17-4E65-AE37-666FC9024FA2}\InprocServer32 -> C:\ProgramData\AllDup\KuShellExtension64.dll => Žádný soubor => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Rychlý průzkumník => not found
HKLM\Software\Classes\CLSID\{693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} => removed successfully
"HKU\S-1-5-21-4110395000-121095619-2023355872-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuHandlers1_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor" => not found
"HKU\S-1-5-21-4110395000-121095619-2023355872-1001\Software\Classes\Drive\ShellEx\ContextMenuHandlers\ContextMenuHandlers2_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor" => not found
"HKU\S-1-5-21-4110395000-121095619-2023355872-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ContextMenuHandlers4_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor" => not found
"HKU\S-1-5-21-4110395000-121095619-2023355872-1001\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ContextMenuHandlers5_S-1-5-21-4110395000-121095619-2023355872-1001: [!!KuShellExtension-{72F6A03F-7B17-4E65-AE37-666FC}902 {72F6A03F-7B17-4E65-AE37-666FC9024FA2} => C:\ProgramData\AllDup\KuShellExtension64.dll -> Žádný soubor" => not found
Alternativní datové proudy: C:\ProgramData\TEMP:1AAB2E68 [183] => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CAA970FD-8C12-4CDE-BC71-B70A8B10D53A}E:\stažené soubory\filetransfer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F58B0E2D-855F-4EB6-BFA2-7DBF45F9D8F8}E:\stažené soubory\filetransfer.exe" => removed successfully
H:\Stažené soubory C\TechSmith Snagit v2023.0.2 Build 24665 (x64)\TechSmithSnagit2023.0.2Build24665x64.exe => moved successfully
_\Zařízení\HarddiskVolumeShadowCopy8\Uživatelé\hp\AppData\Local\Turbo.net\Sandbox\Wondershare Filmora 11\11.5.7\local\modified\@APPDATALOCAL@\Wondershare\Wondershare Filmora\11.5.9.579\FFWsRegister.dll => Error: No automatic fix found for this entry.
"H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe" => not found
"H:\Software\AnyMP4 Video Converter Ultimate\8.5.20\Patch\Patch.exe" => not found
"F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný.7z; soubor kontejneru:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar; soubor kontejneru:_F:\SOFTWARE\IncrediMail 6.29 build 5036 CZ Premium\Incredimail 6.29_5036 + čeština.rar; soubor kontejneru:_F:\SOFTWARE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar; soubor:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný.7z->Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; soubor:_F:\SOFTWARE ZE\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix PDF Editor Pro v7.6.6 Vícejazyčný přenosný\Infix.7.6.6.Portable.rar->App\ProgramFiles\infix.pro.pdf.editor.7.xx-patch.exe; soubor:_F:\SOFTWARE ZE\uTorrent Pro 3.5.5 Build 45311 [CRACK]\uTorrent Pro 3.5.5 Build 45311 [CRACK]\Pro.rar; soubor:_F:" => not found
"F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar; kontejner_soubor:_I:\SOFTWARE\Soft2025 flash\Microsoft Office 2010 Professional Plus CZ 64bit.rar; soubor:_F:\SOFTWARE ZE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE ZE\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit.rar->Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\MS OFFICE\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_F:\SOFTWARE\Office 2010 Toolkit.exe; soubor:_H:\Software\Microsoft Office 2010 Professional Plus CZ 64bit\Aktivace\Office 2010 Toolkit.exe; soubor:_I:\SOFTWARE\Microsoft Office 2013 Professional Plus CZ x86\Microsoft Toolkit stable 2.4.1\Microsoft Toolkit.exe" => not found
Prázdná teplota: => Error: No automatic fix found for this entry.
Hostitelé: => Error: No automatic fix found for this entry.
Konec => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-11-2025 18:24:32)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:24:32 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119650
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: nestandardně se chová myš

#6 Příspěvek od Rudy »

OK. Nastasla nějaká změna k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
jarda.otta
Návštěvník
Návštěvník
Příspěvky: 538
Registrován: 25 bře 2005 21:21

Re: nestandardně se chová myš

#7 Příspěvek od jarda.otta »

Ta drátová myš se chová stále stejně i při vypnuté bluetooth myši. Množi při sebemenším tuknutí písmena. Napíšu jedno a jsou tam i tři. Musím neustále umazávat. Vyzkusím nějakou jinou, nebo se pokusím odinstalovat ovlaače a nainstalovat nové. Je divné že to dělá až poslední měsíc. Jinak vám děkuji za pomoc a pošlu příspěvek.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119650
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: nestandardně se chová myš

#8 Příspěvek od Rudy »

Myš je elektromechanické zařízení a jako takové je pochopitelně náchylnější ik všelijakým problémům. Vyzkoušejte a uvidíte. Ve své pryxi jsem kromě mech. vady a nalomeného kabelu, neviděl na myši jinou závadu. Jinak děkujeme za příspěvek a dejte vědět, jak jste dopadl. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“