VIRY.CZ

Dobrý den, prosím o kontrolu, vyskakují mi okna Firefoxu a virech, systému atd.
Zase jsem lezl někam, kam jsem neměl.
děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2025
Ran by Admin (administrator) on SUBOTNIKOVA (LENOVO 10NS000DMC) (16-10-2025 16:33:41)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6396 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxEM.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_47a3c840f4f369ff\Intel_PIE_Service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2541.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [210688 2015-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-12-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-04-08] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Microsoft Edge Update] => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\MicrosoftEdgeUpdateCore.exe [277048 2025-10-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265000 2025-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [24378192 2025-09-16] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41579480 2025-09-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.54\Installer\chrmstp.exe [2025-10-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35A45D80-5F78-4986-BCF4-1C315BE46FD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {76BBF751-47B5-4AF5-A715-E6DBC9BA7D62} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{F05CE0D0-29A6-459A-9988-B1B958CC9540} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {9C0F3D65-0FB9-4462-B5C5-76E61A2B22E8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5676E42E-83BC-4017-B61D-F2569C0E5D42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE0A42B0-3DE2-470D-959F-F5797ED08086} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D47A28B-E6E7-4BEF-8BA2-8485D40AC8AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04E4C331-3FAC-46E4-821E-7E530C0BBD83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C220D288-B989-4AD1-A160-14D40E13FF34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {143FA415-398D-4B67-A72C-44B36D10F765} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpCmdRun.exe [1778248 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47517ABE-3A89-4F20-9C0E-412C4085E3FB} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {51836913-F8DB-4088-B56B-1588D612C189} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA0292-089B-4818-8090-11752BF4A6B0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F5CE98CF-A801-4C06-8C34-9E0214F21F95} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3260051251-3003698751-2184876508-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C716E195-8057-47FB-B56F-41552D46CBE2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-10-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {325D2C8B-4A3D-477F-974B-4B4AAF2CB6C2} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3260051251-3003698751-2184876508-1001 => C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDriveLauncher.exe [725864 2025-10-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{03e0243e-6962-44b1-81f3-eeee08e9f5bb}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cadf30ae-5751-4815-9b4c-5da544af023b}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-11]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-09-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-20]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: wecs4sq7.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wecs4sq7.default [2024-11-19]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 [2025-10-16]
FF Homepage: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
FF Extension: (New Tab) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\newtab@mozilla.org.xpi [2025-10-02]
FF Extension: (Advanced Image Search) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{9191eef4-82e8-4da5-81a1-dbba6fc650ea}.xpi [2024-07-07]
FF Extension: (Dark Tranquillity Angels) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{b106e190-78cc-404b-b621-2d37c7769801}.xpi [2024-07-07]
FF Extension: (Data Leak Blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\features\{4b4c5cf6-ce3a-47b1-9488-522277e99195}\data-leak-blocker@mozilla.com.xpi [2025-10-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-09-16]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-09-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-09-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-07-01]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-08-26] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [18843472 2025-09-16] (Logitech Inc -> Logitech, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MpDefenderCoreService.exe [2009656 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\NisSrv.exe [4414464 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25080.5-0\MsMpEng.exe [282480 2025-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AGSService; "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333216 2025-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 LBAI; C:\Windows\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44992 2025-04-10] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32200 2025-04-10] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73152 2025-04-10] (Logitech Inc -> Logitech)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20880 2025-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [627104 2025-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102816 2025-09-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-16 16:33 - 2025-10-16 16:34 - 000020477 _____ C:\Users\Admin\Desktop\FRST.txt
2025-10-16 16:32 - 2025-10-16 16:32 - 002442752 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2025-10-16 10:10 - 2025-10-16 10:10 - 000645477 _____ C:\Users\Admin\Desktop\zápočtový list 2025-10-16_100950.pdf
2025-10-16 10:08 - 2025-10-16 10:08 - 000560265 _____ C:\Users\Admin\Desktop\doklad o výdělku.pdf
2025-10-15 13:43 - 2025-10-16 14:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-10-14 18:14 - 2025-10-14 18:14 - 000181515 _____ C:\Users\Admin\Desktop\zruseni-ve-zd-ze-strany-zamestnance.pdf
2025-10-14 12:48 - 2025-10-14 12:48 - 000000000 ____D C:\Users\Admin\AppData\Local\Backup
2025-10-14 09:13 - 2025-10-14 09:13 - 000001260 _____ C:\Users\Admin\Desktop\cover – zástupce.lnk
2025-10-13 19:22 - 2025-10-13 19:22 - 006942829 _____ C:\Users\Admin\Downloads\Kutnar_Dejepisectvi_RanyStredovek.pdf
2025-10-13 11:25 - 2025-10-13 11:25 - 000998959 _____ C:\Users\Admin\Downloads\podaci_listek-2025-13-10-09-25-31.pdf
2025-10-12 12:38 - 2025-10-12 12:38 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webová aplikace Firefoxu
2025-10-10 13:56 - 2025-10-10 13:56 - 000415776 _____ C:\Users\Admin\Downloads\Hnilica_Kognitivní a metakognitivní strategie autoregulovaného učení.pdf
2025-10-10 13:55 - 2025-10-10 13:55 - 000618756 _____ C:\Users\Admin\Downloads\Úkol 1_metakognice_zadání.pdf
2025-10-10 08:55 - 2025-10-10 08:55 - 000126191 _____ C:\Users\Admin\Downloads\Faktury_email_Oleška_250991_2025_09.pdf
2025-10-02 18:52 - 2025-10-02 18:52 - 000070415 _____ C:\Users\Admin\Desktop\Směny 20252.xlsx
2025-09-30 16:33 - 2025-09-30 16:34 - 073654029 _____ C:\Users\Admin\Desktop\zasilka-TPKETN2Z33N4ULN8.zip
2025-09-23 15:31 - 2025-09-23 15:31 - 000068540 _____ C:\Users\Admin\Desktop\Směny 2025.xlsx
2025-09-21 21:07 - 2025-09-21 21:07 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Temp
2025-09-21 21:05 - 2025-10-03 18:35 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-09-19 21:28 - 2025-09-25 09:32 - 000000000 ____D C:\Users\Admin\Desktop\aparath singl
2025-09-19 08:08 - 2025-09-19 14:02 - 000012053 _____ C:\Users\Admin\Desktop\Tabulka_XYZ.xlsx
2025-09-17 13:11 - 2025-09-17 13:11 - 000000029 _____ C:\Users\Admin\Desktop\cubase kod.txt
2025-09-17 08:02 - 2025-09-17 08:02 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2025-09-17 08:02 - 2025-09-17 08:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-09-17 08:02 - 2025-09-17 08:02 - 000000000 ____D C:\Program Files\LGHUB

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-16 16:34 - 2024-11-19 18:00 - 000000000 ____D C:\FRST
2025-10-16 16:30 - 2023-12-01 15:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-10-16 16:27 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-16 15:08 - 2023-11-27 17:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-10-16 14:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-16 14:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-10-16 14:10 - 2023-11-27 16:21 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2025-10-16 14:10 - 2019-12-07 16:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2025-10-16 14:10 - 2019-12-07 16:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2025-10-16 14:10 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-10-16 14:06 - 2023-12-01 15:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-10-16 14:06 - 2023-11-27 17:12 - 000008192 ___SH C:\DumpStack.log.tmp
2025-10-16 14:06 - 2023-11-27 17:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-10-16 14:06 - 2023-11-27 16:38 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2025-10-16 14:06 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin
2025-10-16 14:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2025-10-16 13:37 - 2023-12-04 17:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mp3tag
2025-10-16 13:22 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2025-10-16 06:32 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2025-10-16 06:24 - 2024-04-15 18:53 - 000000000 ____D C:\Users\Admin\AppData\Local\LGHUB
2025-10-15 13:57 - 2023-12-01 15:17 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-10-15 13:57 - 2023-12-01 15:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-10-14 19:40 - 2023-12-01 16:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2025-10-14 18:07 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2025-10-14 12:51 - 2025-02-06 21:59 - 000003576 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:18 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:18 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2025-10-14 12:51 - 2023-11-27 16:16 - 000002424 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-14 12:47 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2025-10-14 11:33 - 2023-11-27 16:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-10-14 11:33 - 2023-11-27 16:16 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2025-10-14 10:42 - 2025-08-07 08:32 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Silverjuke
2025-10-14 08:39 - 2024-07-10 17:58 - 000000000 ____D C:\Windows\system32\compatrel
2025-10-14 08:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2025-10-14 08:39 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-10-14 08:17 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-10-14 08:16 - 2023-11-27 16:14 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-10-13 20:25 - 2024-01-04 19:29 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2025-10-13 19:32 - 2023-12-01 16:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2025-10-13 08:43 - 2023-12-01 16:45 - 000000000 ____D C:\ProgramData\TEMP
2025-10-13 07:54 - 2023-11-27 17:12 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-13 07:54 - 2023-11-27 17:12 - 000003514 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-12 09:40 - 2023-12-01 14:39 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A}
2025-10-12 09:40 - 2023-12-01 14:39 - 000003914 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A}
2025-10-11 06:55 - 2023-11-27 17:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-11 06:55 - 2023-11-27 17:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-10 21:22 - 2025-04-28 09:46 - 000000000 ____D C:\Users\Admin\Downloads\Ondra-Destroy!
2025-10-10 10:42 - 2023-11-27 17:12 - 000437848 _____ C:\Windows\system32\FNTCACHE.DAT
2025-10-07 20:40 - 2023-12-26 23:04 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2025-10-06 18:34 - 2024-09-11 09:59 - 000000000 ____D C:\Users\Admin\Downloads\APARATH
2025-10-04 19:47 - 2025-07-01 21:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-04 19:47 - 2025-07-01 21:50 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-09-26 08:13 - 2024-01-26 15:49 - 000012448 _____ C:\Users\Admin\Desktop\Voda.xlsx
2025-09-24 09:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2025-09-23 07:57 - 2023-12-19 00:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-09-21 21:07 - 2023-12-02 10:52 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2025-09-21 21:06 - 2023-12-01 16:34 - 000000000 ____D C:\Users\Admin\AppData\Roaming\com.adobe.dunamis
2025-09-21 21:06 - 2023-12-01 16:33 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2025-09-21 21:05 - 2024-06-18 11:04 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-09-21 21:04 - 2023-12-01 16:34 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-09-21 20:59 - 2023-12-01 16:33 - 000000000 ____D C:\ProgramData\Adobe
2025-09-18 12:04 - 2023-11-27 17:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-09-18 10:38 - 2024-05-15 08:38 - 000000000 ____D C:\Users\Admin\Downloads\PROG
2025-09-18 09:44 - 2023-12-01 16:34 - 000000000 ____D C:\ProgramData\Package Cache
2025-09-17 08:03 - 2024-04-15 18:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\G HUB
2025-09-17 08:02 - 2025-04-25 13:36 - 000000000 ____D C:\Users\Admin\AppData\Roaming\lghub

==================== Files in the root of some directories ========

2023-12-01 17:48 - 2025-09-21 21:00 - 000000820 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log
2024-02-12 23:28 - 2024-02-12 23:28 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Admin (16-10-2025 16:35:29)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.6396 (X64) (2023-11-27 14:14:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3260051251-3003698751-2184876508-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3260051251-3003698751-2184876508-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260051251-3003698751-2184876508-503 - Limited - Disabled)
Guest (S-1-5-21-3260051251-3003698751-2184876508-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3260051251-3003698751-2184876508-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20756 - Adobe)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_3) (Version: 23.3 - Adobe Inc.)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_4_1) (Version: 25.4.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Brother MFL-Pro Suite MFC-J6520DW (HKLM-x32\...\{6A367B4D-2E1C-4843-9FF0-A1DF1DEAB1E6}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.0.2 - Poikosoft)
FontLab 8 (64-bit) (HKLM-x32\...\{F7851B69-FE71-44D2-9698-7E9BF5AF390F}_is1) (Version: 8.0 - FontLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.54 - Google LLC)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2025.7.768359 - Logitech)
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.71 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.71 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\OneDriveSetup.exe) (Version: 25.179.0914.0003 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox) (Version: 144.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
Mp3tag v3.31a (HKLM\...\Mp3tag) (Version: 3.31a - Florian Heidenreich)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Navigation Updater (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\{cc421fe9-06b3-474a-809a-80908170203b}) (Version: 2.2.3.8 - HYUNDAI MOTOR GROUP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31239 - Realtek Semiconductor Corp.)
Silverjuke 16.5.3 (HKLM-x32\...\Silverjuke) (Version: 16.5.3 - Bjoern Petersen Software Design and Development)
TIDAL (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\TIDAL) (Version: 2.36.2 - TIDAL Music AS)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_161.1.1087.0_x64__v10z8vjag6ke6 [2025-08-26] (HP Inc.)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0 [2025-10-08] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2541.3.0_x64__cv1g1gvanyjgm [2025-10-16] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6A49690B-7DB6-424B-81CE-F51078F2A58D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.203.13\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\25.179.0914.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2025-08-18] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Silverjuke\Silverjuke on the web.lnk -> hxxp://www.silverjuke.net%C:\Program Files (x86)\Silverjuke\vi

==================== Loaded Modules (Whitelisted) =============

2025-06-20 11:09 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\Windows\system32\BrSNMP64.dll
2025-06-20 11:09 - 2013-01-07 02:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\Windows\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2024-11-20 11:31 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Ethernet Connection (5) I219-LM -> e1d68x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C7FB50D1-BC78-4825-88D4-3E09FA63E69F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6E10C3A-A21B-408F-9C8F-1B69042A1EC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{540B133E-829B-4D85-BAEE-5BC28B52D6D6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62D4249A-6E78-4F84-9004-21FAE461849E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF74FB05-0D42-45B3-A267-CD31C1F97F82}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FB41EE1-8A74-499A-8265-73ABDB6EC6DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6E0C8B92-196C-4E04-B5A2-2CC4897A2AFB}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{DB04B26E-B4DE-495E-B254-F5396EEB2C7F}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{0C3CA86C-FB5C-41D6-8BE5-9E2C01E5A1F0}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{0EC0C7DD-376C-499B-865D-FD3569A107F7}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{615ABAB5-389E-4E92-B1EC-9DE0321A0E74}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{614A2360-1566-428E-AFBC-656D47A9EDB2}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F1E80103-3E86-4AE2-83B6-6F2CAD12FE78}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{85739B14-C9B9-4B42-A9F6-5F146381920D}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F40957CA-C45C-4EA9-82D1-69F4C6AE7DD2}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A36C7630-3F11-4D8B-A669-F45A93CC2AA4}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [TCP Query User{28A5E507-0A58-4EC5-ADA7-B73D962F9A6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{61B900CC-DBF2-4937-9E07-DCF1372A7801}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0FB55194-E415-43DF-87E8-978B391A44F1}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [File not signed]
FirewallRules: [{856D172B-A223-40CC-A00C-2C07400B36E7}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\Illustrator.exe (Adobe Inc. -> Adobe Inc.) [File not signed]
FirewallRules: [{AFB8E45A-BD81-46C9-A75E-3DCC9C8F9FEA}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\AIRobin.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A664574D-962A-4465-AA2D-04AE4F9CE4F3}] => (Block) C:\Program Files\Adobe\Adobe Illustrator 2021\Support Files\Contents\Windows\AIRobin.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{94B394EC-6572-474E-8591-C002F66F9A69}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13c\FAXRX.EXE (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{D4DD0422-BD0A-40FF-933B-E5EAFD864213}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{134A117D-F910-467F-BBE8-16419B3DBA53}C:\program files (x86)\silverjuke\silverjuke.exe] => (Block) C:\program files (x86)\silverjuke\silverjuke.exe (Björn Petersen Software Design and Development) [File not signed]
FirewallRules: [UDP Query User{654D3EC8-D003-47CE-818E-9506B2B61E10}C:\program files (x86)\silverjuke\silverjuke.exe] => (Block) C:\program files (x86)\silverjuke\silverjuke.exe (Björn Petersen Software Design and Development) [File not signed]
FirewallRules: [{4C05636F-9BEB-4C9D-A5D2-F692F3C0A4A9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F4B0491B-6FE5-4D62-8A86-C627A58D5FC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EABE6C08-2F72-44F3-B63D-98549E4C05D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ABCE577C-4209-4E1E-AA8C-48CE17DEDBA4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{52938F72-B0B1-4D61-BEE9-A35348BA0F14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{048C098D-0526-4359-A877-8D59494FDD68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5270EF0E-1B87-4E50-A35A-20929358872C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB3C9627-81F1-4717-8F56-5D06551657E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BADCD3B2-1DA9-4B05-9184-BFDA5400419E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8B715C0E-0D79-4587-B480-C0CDBD5C2498}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AD315674-AE3A-43DC-BE3A-1553E2A7EB99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7864BF21-9D65-43A8-A8D5-69762B19CA20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A95CF09-07E8-41B8-A983-324FC247B7E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{76394BC6-8669-492F-8754-48AC0B019F45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

27-09-2025 17:31:13 Naplánovaný kontrolní bod
06-10-2025 17:30:57 Naplánovaný kontrolní bod
14-10-2025 08:11:59 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/15/2025 08:10:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/14/2025 03:59:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program foobar2000.exe verze 1.4.4.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2a84

Čas spuštění: 01dc3d0d3794af8b

Čas ukončení: 13

Cesta k aplikaci: X:\TECHDAT\jukebox\Program File HDD\foobar2000\foobar2000.exe

ID hlášení: ffe56170-ae78-4676-a11b-4ab8c737c068

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/08/2025 07:17:06 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/01/2025 08:00:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/24/2025 06:25:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program EXCEL.EXE verze 16.0.4266.1001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d34

Čas spuštění: 01dc2d6fcb026580

Čas ukončení: 16

Cesta k aplikaci: C:\Program Files\Microsoft Office\Office16\EXCEL.EXE

ID hlášení: b22a9f84-11f6-40a2-935f-60b10452ae55

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (09/24/2025 08:37:18 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/23/2025 07:57:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AdobeCollabSync.exe, verze: 25.1.20693.0, časové razítko: 0x68bdf30f
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.3636, časové razítko: 0x81cf5d89
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0x01dc2c4f01b87a76
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 5547249e-ed08-49c8-b615-6980986d9f12
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/19/2025 08:13:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.5794, časové razítko: 0x11bd0919
Název chybujícího modulu: RsProvider.dll, verze: 1.12.0.0, časové razítko: 0x55819a12
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024bda
ID chybujícího procesu: 0x5dc
Čas spuštění chybující aplikace: 0x01dc299108c887f7
Cesta k chybující aplikaci: C:\Windows\System32\svchost.exe
Cesta k chybujícímu modulu: C:\Analog\Providers\RsProvider.dll
ID zprávy: 9be332ac-2839-4580-9329-f169edb8c291
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/16/2025 02:06:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/16/2025 02:06:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:56:35, ‎16.‎10.‎2025) bylo neočekávané.

Error: (10/15/2025 01:19:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/15/2025 01:19:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:39:46, ‎15.‎10.‎2025) bylo neočekávané.

Error: (10/14/2025 09:47:21 PM) (Source: DCOM) (EventID: 10010) (User: SUBOTNIKOVA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/14/2025 12:47:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/14/2025 08:40:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AGSService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/11/2025 10:34:55 PM) (Source: DCOM) (EventID: 10010) (User: SUBOTNIKOVA)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2025-10-16 16:27:15
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{A8E89D79-AAF3-402C-8CF5-358D2E7308C2}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъSUBOTNIKOVA\Admin%ⁿ %ţŞťορ Ŗèǻśõп:%вΑвοѓŧ℮ď ъγ τħë ĉĺіэпŧ

Date: 2025-10-16 13:14:09
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{215F9645-ED1B-4AA1-84FB-4D176A6866F7}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вЯΡĊ ¢óņпęçτϊõп гůńđоẁπ

Date: 2025-10-15 12:16:15
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{BCE0B349-BBE2-48C2-B995-BFB5C554C9B6}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вЯΡĊ ¢óņпęçτϊõп гůńđоẁπ

Date: 2025-10-13 12:20:00
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{9AC7B08F-ADBB-437D-A66A-02B56DCA9341}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вŠĉђэδџŀêđ śĉąŋ щªѕ ŝќïрρęđ ъęćâџŝĕ ţħĕ ℓάšť ѕµ¢¢ëšśƒùļ ѕсǻπ ẃāš ẅīтђĭń τћз ļàśť 7 δαýŝ

Date: 2025-10-12 12:47:16
Description:
Antivirová ochrana v programu Microsoft Defender šĉàŋ ђåŝ ъėëп şţǿрρєđ ъεƒõŕė ςόмφℓеŧιοл.%ñ %ŧЅċǻⁿ ĨĎ:%ъ{048EEDD6-8658-4300-927C-D29316B55CAC}%и %ţŠ¢åή Ŧγρэ:%ьAntimalwarový program%ñ %τŜčдⁿ Рâŕǻмет℮гş:%ъRychlé prohledávání%л %тŮŝέя:%ъNT AUTHORITY\SYSTEM%ⁿ %ţŞťορ Ŗèǻśõп:%вŠĉђэδџŀêđ śĉąŋ щªѕ ŝќïрρęđ ъęćâџŝĕ ţħĕ ℓάšť ѕµ¢¢ëšśƒùļ ѕсǻπ ẃāš ẅīтђĭń τћз ļàśť 7 δαýŝ
Event[0]:

Date: 2025-06-05 08:00:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.429.327.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25040.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2025-04-23 09:24:00
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.427.361.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25030.1
Kód chyby: 0x8024402c
Popis chyby: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2025-04-01 07:52:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M1BKT39A 06/21/2018
Motherboard: LENOVO 3110
Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 53%
Total physical RAM: 8085.54 MB
Available physical RAM: 3744.67 MB
Total Virtual: 9365.54 MB
Available Virtual: 4998.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.85 GB) (Free:33.35 GB) (Model: SAMSUNG MZVLB256HAHQ-000L7) NTFS

\\?\Volume{8144f54e-3bbb-42c6-83fd-da2c9438b167}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{d2e7f574-4665-4502-9997-dfa479443cd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4596D9D7)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte nejprve tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.6.0.613
# -------------------------------
# Build: 08-19-2025
# Database: 2025-08-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2025
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.6396)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1422 octets] - [16/10/2025 17:33:24]
AdwCleaner[S01].txt - [1483 octets] - [16/10/2025 17:34:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2025
Ran by Admin (16-10-2025 17:59:49) Run:5
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in; hxxps://csupkhu071bc739s22t0.enhanceconnection.co.in; hxxps://csuplv6071bc739s4n6g.enhanceprotocol.co.in; hxxps://csupmom071bc739s67b0.enhanceconnection.co.in; hxxps://84b7wjb8o9qv2g.enhanceconnection.co.in; hxxps://cvpbjq6071bc73ahmb0g.stabilizeconnection.co.in; hxxps://d3ofqlm071bc73824tb0.vynexbotshield.co.in
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]

EmptyTemp:
End
*****************

Processes closed successfully.
"FF Notifications:" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6} => removed successfully
C:\ProgramData\TEMP => ":8934AEBA" ADS removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1342326911 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 35143237 B
Edge => 0 B
Chrome => 341362125 B
Firefox => 1694976256 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 87550718 B
systemprofile32 => 87550718 B
LocalService => 87550718 B
NetworkService => 87717510 B
Admin => 414385016 B

RecycleBin => 6307951 B
EmptyTemp: => 3.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-10-2025 18:10:36)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:10:36 ====

Smazáno. Nastala nějaká změna?

Vypadá to, že je vše v pořádku. Mockrát děkuji za pomoc.
Ještě otázečka dal by se tento fix použít, kdyby se mi to stalo znovu.
Ještě jednou děkuji

Samozřejmě dal, ale musí tam být obsaženy autentické položky, které se budou v daném případě v PC vyskytovat. jinak řečeno - musí být sestaven zcela nový mazací skript. Skript je stále stejny (má stejné schéma, jen položky mohou být jiné). Nemáte zač!