VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu-virus

https://forum.viry.cz:443/viewtopic.php?t=160135

Stránka 1 z 1

kontrola logu-virus

Napsal: 19 lis 2024 17:11
od darkane
Dobrý den, prosím o konrolu logu.
Neustále vyskakující info okna v pravo dole z Firefoxu, že je pc infikován, viru atd.
Zkoušel jsem Malwarebytes a nic.
Děkuji Jarda


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2024
Ran by Admin (administrator) on SUBOTNIKOVA (LENOVO 10NS000DMC) (19-11-2024 17:01:03)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [210688 2015-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-12-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Microsoft Edge Update] => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateCore.exe [268368 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911248 2024-11-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46525336 2024-09-18] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2024-08-23] (Adobe Inc. -> Adobe Systems Inc)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {73AFF84F-BC25-40CE-9741-CC5D41D10C8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {B6266A86-629C-4BB7-9138-4664933983AA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (No File)
Task: {4B8FDACC-D932-4A3B-BAF2-40A938330993} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (No File)
Task: {02627AB1-E914-45E9-A7A8-858D01B2FDEC} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {C95517C4-90F8-4705-B9E1-EB3A8D66B695} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {9C0F3D65-0FB9-4462-B5C5-76E61A2B22E8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5676E42E-83BC-4017-B61D-F2569C0E5D42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE0A42B0-3DE2-470D-959F-F5797ED08086} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {47517ABE-3A89-4F20-9C0E-412C4085E3FB} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {51836913-F8DB-4088-B56B-1588D612C189} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA0292-089B-4818-8090-11752BF4A6B0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-13] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F5CE98CF-A801-4C06-8C34-9E0214F21F95} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3260051251-3003698751-2184876508-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-13] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {97E7813E-6112-4A54-AF6E-2AA755CC1AB0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-13] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{6b3ac2e9-1049-4fb1-a102-8a589bddfa08}: [DhcpNameServer] 10.0.1.1 8.8.8.8 1.1.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: wecs4sq7.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wecs4sq7.default [2023-12-01]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 [2024-11-19]
FF Homepage: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in
FF Extension: (Advanced Image Search) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{9191eef4-82e8-4da5-81a1-dbba6fc650ea}.xpi [2024-07-07]
FF Extension: (Dark Tranquillity Angels) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{b106e190-78cc-404b-b621-2d37c7769801}.xpi [2024-07-07]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11335576 2024-09-18] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9433496 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LBAI; C:\Windows\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2024-04-15] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-21] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232024 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [80448 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [189776 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-19 17:01 - 2024-11-19 17:01 - 000017261 _____ C:\Users\Admin\Desktop\FRST.txt
2024-11-19 17:00 - 2024-11-19 17:01 - 000000000 ____D C:\FRST
2024-11-19 16:56 - 2024-11-19 17:00 - 002402816 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2024-11-19 16:56 - 2024-11-19 16:56 - 000000000 ____D C:\AdwCleaner
2024-11-19 16:43 - 2024-11-19 16:43 - 000189776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-11-19 16:39 - 2024-11-19 17:00 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2024-11-19 16:39 - 2024-11-19 16:39 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-11-19 16:39 - 2024-11-19 16:39 - 000002041 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-11-19 16:39 - 2024-11-19 16:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-11-19 16:39 - 2024-11-19 16:39 - 000000000 ____D C:\Program Files\Malwarebytes
2024-11-19 15:23 - 2024-11-19 15:23 - 002441738 _____ C:\Users\Admin\Desktop\m.psd
2024-11-18 11:30 - 2024-11-18 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2024-11-16 20:24 - 2024-11-16 20:24 - 000211974 _____ C:\Users\Admin\Downloads\Faktura_0014631688_4797202100_2443047202.PDF
2024-11-13 07:58 - 2024-11-17 19:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-12 19:41 - 2024-11-12 19:41 - 000000000 ___HD C:\$WinREAgent
2024-11-07 18:35 - 2024-11-07 18:35 - 000001195 _____ C:\Users\Admin\Desktop\Kia Sportage_Návod k obsluze.lnk
2024-11-04 21:21 - 2024-11-04 21:23 - 000078522 _____ C:\Users\Admin\Desktop\Rozvrh-ZS_2024.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-19 16:58 - 2023-12-01 14:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-19 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-19 16:42 - 2023-12-01 15:45 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2024-11-19 16:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-11-19 16:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-11-19 16:27 - 2023-12-01 15:45 - 000000000 ____D C:\ProgramData\TEMP
2024-11-19 16:22 - 2023-11-27 16:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-11-19 16:22 - 2023-11-27 15:16 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2024-11-19 08:13 - 2023-11-27 15:38 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-11-18 22:42 - 2023-12-04 16:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mp3tag
2024-11-18 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-11-18 11:30 - 2023-12-04 16:11 - 000000000 ____D C:\Program Files\Mp3tag
2024-11-18 11:23 - 2023-12-18 23:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2024-11-17 20:04 - 2023-11-27 15:21 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-17 20:04 - 2019-12-07 15:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2024-11-17 20:04 - 2019-12-07 15:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2024-11-17 19:57 - 2023-12-01 14:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-17 19:57 - 2023-11-27 16:12 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-17 19:57 - 2023-11-27 16:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-17 19:57 - 2023-05-05 13:28 - 000000000 ____D C:\Windows\SystemTemp
2024-11-17 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-11-17 19:57 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-17 15:29 - 2023-12-01 15:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2024-11-17 14:56 - 2023-11-27 15:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-11-17 09:09 - 2023-11-27 16:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-17 09:09 - 2023-11-27 16:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-11-16 17:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-14 07:51 - 2023-11-27 15:18 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2024-11-14 07:51 - 2023-11-27 15:18 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2024-11-14 07:51 - 2023-11-27 15:16 - 000002422 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-13 15:55 - 2023-12-01 15:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2024-11-13 09:46 - 2023-12-01 14:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-13 09:45 - 2023-12-01 14:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-12 21:20 - 2023-11-27 16:12 - 000437832 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-12 21:20 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-12 19:46 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-12 19:44 - 2023-11-27 15:14 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-12 19:36 - 2023-11-27 15:18 - 000000000 ____D C:\Windows\system32\MRT
2024-11-12 19:35 - 2023-11-27 15:18 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-10 09:55 - 2023-11-27 16:12 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-10 09:55 - 2023-11-27 16:12 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-09 20:07 - 2023-12-01 13:39 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A}
2024-11-09 20:07 - 2023-12-01 13:39 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A}
2024-11-04 16:02 - 2024-04-12 07:22 - 000001614 _____ C:\darkaneH2.rar
2024-11-03 20:08 - 2024-06-18 11:04 - 000000000 ____D C:\Users\Admin\Desktop\faktury
2024-11-03 10:11 - 2024-08-30 08:23 - 000000000 ____D C:\Users\Admin\Downloads\kosma
2024-11-03 10:10 - 2024-06-27 06:05 - 000000000 ____D C:\Users\Admin\Downloads\Tyršova 402
2024-11-01 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2024-10-31 13:40 - 2024-07-28 18:36 - 000000837 _____ C:\Users\Admin\Desktop\kia kola.txt
2024-10-31 07:26 - 2023-11-27 16:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-10-26 08:06 - 2024-06-18 10:04 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-21 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat

==================== Files in the root of some directories ========

2023-12-01 16:48 - 2023-12-01 16:48 - 000000410 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log
2024-02-12 22:28 - 2024-02-12 22:28 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Admin (19-11-2024 17:01:52)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2023-11-27 14:14:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3260051251-3003698751-2184876508-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3260051251-3003698751-2184876508-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260051251-3003698751-2184876508-503 - Limited - Disabled)
Guest (S-1-5-21-3260051251-3003698751-2184876508-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3260051251-3003698751-2184876508-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.003.20054 - Adobe)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_3) (Version: 23.3 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_4_1) (Version: 25.4.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.4321 - Steinberg Media Technologies GmbH)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.0.2 - Poikosoft)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.7.621167 - Logitech)
Malwarebytes version 5.2.2.154 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.2.154 - Malwarebytes)
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.80 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\OneDriveSetup.exe) (Version: 24.211.1020.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 132.0.2 (x64 cs)) (Version: 132.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
Mp3tag v3.28 (HKLM\...\Mp3tag) (Version: 3.28 - Florian Heidenreich)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Navigation Updater (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\{cc421fe9-06b3-474a-809a-80908170203b}) (Version: 2.2.3.8 - HYUNDAI MOTOR GROUP)
Steinberg Activation Manager (HKLM\...\{0224CA8C-FD43-4397-94CE-319B9471016A}) (Version: 1.4.40 - Steinberg Media Technologies GmbH)
Steinberg Cubase 13 (HKLM\...\{2B68F691-AC02-46E5-B548-70C95A995DD9}) (Version: 13.0.20 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.35.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.1.20 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 7 (HKLM\...\{69043884-EB60-4C9A-9C41-3303C319E1A8}) (Version: 7.0.20 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.2.2 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.2.40 - Steinberg Media Technologies GmbH)
Steinberg MediaBay (HKLM\...\{9529D195-8127-42F5-BA54-8D862E941920}) (Version: 1.1.20 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.2.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.4.0 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 10 (HKLM\...\424abc1e-aca9-452c-8b47-4klc6fh21b36_is1) (Version: 10.0.40.339 - Steinberg)
TIDAL (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\TIDAL) (Version: 2.36.2 - TIDAL Music AS)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-16] (HP Inc.)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0 [2024-11-15] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm [2024-11-14] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-08-23 11:19 - 2024-08-23 11:19 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2024-09-10 13:25 - 000003164 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com
127.0.0.1 license.adobe.com
127.0.0.1 helpexamples.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys
Ethernet: Intel(R) Ethernet Connection (5) I219-LM -> e1d68x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "LGHUB"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C7FB50D1-BC78-4825-88D4-3E09FA63E69F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6E10C3A-A21B-408F-9C8F-1B69042A1EC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{540B133E-829B-4D85-BAEE-5BC28B52D6D6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62D4249A-6E78-4F84-9004-21FAE461849E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF74FB05-0D42-45B3-A267-CD31C1F97F82}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FB41EE1-8A74-499A-8265-73ABDB6EC6DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04E08BFB-0733-40BE-ACDF-D75D6A1A68D7}] => (Allow) LPort=51111
FirewallRules: [{E6172851-7891-4212-AEA7-23B2560818CC}] => (Allow) LPort=51112
FirewallRules: [{51E55083-E014-4BE8-97DD-8EC008244560}] => (Allow) LPort=51113
FirewallRules: [{8AE1A497-5CAF-4B37-A95A-CB19B07263C1}] => (Allow) C:\Program Files\Steinberg\Cubase 13\Cubase13.exe (Steinberg Media Technologies GmbH -> Steinberg Media Technologies)
FirewallRules: [{6E0C8B92-196C-4E04-B5A2-2CC4897A2AFB}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{DB04B26E-B4DE-495E-B254-F5396EEB2C7F}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{0C3CA86C-FB5C-41D6-8BE5-9E2C01E5A1F0}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{0EC0C7DD-376C-499B-865D-FD3569A107F7}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{7F06F154-D562-479D-ABBA-688B5550A8AB}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{26169149-D6EE-4CB6-9982-F574CE060612}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{615ABAB5-389E-4E92-B1EC-9DE0321A0E74}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{614A2360-1566-428E-AFBC-656D47A9EDB2}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F1E80103-3E86-4AE2-83B6-6F2CAD12FE78}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{85739B14-C9B9-4B42-A9F6-5F146381920D}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F40957CA-C45C-4EA9-82D1-69F4C6AE7DD2}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A36C7630-3F11-4D8B-A669-F45A93CC2AA4}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [TCP Query User{28A5E507-0A58-4EC5-ADA7-B73D962F9A6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{61B900CC-DBF2-4937-9E07-DCF1372A7801}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{A1A5C4AD-34CC-404A-BF6C-6552A75324BA}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{88A9B3FC-FE86-491A-996E-C54BB956DF51}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{21D5BF93-665C-4E01-8B6D-681FDC12D93E}] => (Allow) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{5A7638CC-5C35-435C-8704-C9740234DDD0}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{151BB3CA-C26F-4342-BA03-A0C26EE94602}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BEFEB57-61F8-46A9-93EE-1DF9DDE50117}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2E99019-B4FF-43C8-B948-F41DC2EF33A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9424A9-132F-419F-A62C-0AD3BC54B29F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{526FF2CF-A304-448C-93ED-B161B966C65F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DFCA0BA-49C7-478E-8CFD-8F6C9C47659C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C5B337BC-ACC6-4B12-ABE4-99BB35626BB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B508153-F164-4A6F-AC6F-19266A94C661}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A57A6B7-DBDB-4770-97D9-57E4D5D6374B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E7588D31-4C1A-42BF-B418-1FC9D9672DD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E60F40D5-0496-4F39-BAC9-42201B58D1BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{27BE8CD0-D32F-44AA-A14D-6D00C60DFACF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1506B091-2EC1-4341-AC96-C46C8629E920}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0549674B-F355-4C4B-8694-E83B66E55D4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{845186AB-6AEB-4BE7-8126-DE0D3E42450D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

12-11-2024 19:38:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/18/2024 11:23:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Photos.exe, verze: 0.0.0.0, časové razítko: 0x67105e8f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x688f8c4b
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002a9c0
ID chybujícího procesu: 0x24a8
Čas spuštění chybující aplikace: 0x01db39a3c586c8e2
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11100.16009.0_x64__8wekyb3d8bbwe\Photos.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 35d1cd7c-3369-41c7-a829-891e43ff6aa9
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2024.11100.16009.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (11/13/2024 04:06:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.5129 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 18a8

Čas spuštění: 01db359884fd3789

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d0f86ee8-c37f-405b-ab0a-bc23a6dbd8f3

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (11/13/2024 08:18:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/06/2024 08:51:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/03/2024 08:54:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Acrobat.exe verze 24.3.20054.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d70

Čas spuštění: 01db2dc59d9b2ab8

Čas ukončení: 17

Cesta k aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

ID hlášení: b8f505af-a99e-4e39-87cb-f5ec6bc1c6b9

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/30/2024 08:03:20 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/23/2024 09:45:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/18/2024 05:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HPPrintScanDoctorService.exe, verze: 6.1.0.0, časové razítko: 0x66f3a61f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x688f8c4b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff3c9
ID chybujícího procesu: 0x21c0
Čas spuštění chybující aplikace: 0x01db1fe24c859de8
Cesta k chybující aplikaci: C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 510c30d8-df6e-4f45-893e-8f67da9193c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba LGHUB Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-11-19 08:24:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1F70A28C-0D96-4A05-8FF4-A90F2F251A02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-17 09:42:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7663B7CA-56D2-4997-9AED-C53F2D185D96}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-16 15:18:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6036481A-ED6E-434A-A7ED-027787ABCACE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-15 07:58:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8B578602-2E08-4ACE-95EA-92A60A4C2A35}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-14 08:05:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {35F9E5F4-EA5F-4A9E-B8FA-135CFD96770F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2024-11-19 16:43:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-11-19 16:43:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-11-19 14:48:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M1BKT39A 06/21/2018
Motherboard: LENOVO 3110
Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8085.54 MB
Available physical RAM: 3870.6 MB
Total Virtual: 9365.54 MB
Available Virtual: 4909.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.85 GB) (Free:60.64 GB) (Model: SAMSUNG MZVLB256HAHQ-000L7) NTFS

\\?\Volume{8144f54e-3bbb-42c6-83fd-da2c9438b167}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{d2e7f574-4665-4502-9997-dfa479443cd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4596D9D7)

Partition: GPT.

==================== End of Addition.txt =======================

Re: kontrola logu-virus

Napsal: 19 lis 2024 20:19
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: kontrola logu-virus

Napsal: 19 lis 2024 20:56
od darkane
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Admin (19-11-2024 20:29:56) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
"HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}" => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A} => removed successfully
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => removed successfully
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Admin\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\ProgramData\TEMP => ":8934AEBA" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44C47485-6A04-4B2C-B880-213BA4CFD196}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD18C406-BBFA-47EE-91F4-F4A0DA426297}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0D85741-E5A5-4CEC-B65A-396697BEE711}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 467944115 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 16727301 B
Edge => 0 B
Firefox => 1409558005 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 5120 B
ProgramData => 5120 B
Public => 5120 B
systemprofile => 22159 B
systemprofile32 => 22159 B
LocalService => 26411 B
NetworkService => 323545 B
Admin => 231555722 B

RecycleBin => 1225 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:53:21 ====

Re: kontrola logu-virus

Napsal: 19 lis 2024 21:41
od Rudy
Smazáno. Ještě se to ozývá?

Re: kontrola logu-virus

Napsal: 19 lis 2024 21:46
od darkane
Už se nic neobjevuje, je klid. :)
super, mockrát děkuji :thumbsup:
jarda

Re: kontrola logu-virus

Napsal: 19 lis 2024 21:54
od Rudy
To jsem rád a nemáte zač! :-)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz