Hello, please check my log.
Info windows from Firefox keep popping up in the bottom right, saying that the PC is infected, has viruses, etc.
I tried Malwarebytes and nothing.
Thank you, Jarda
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2024
Ran by Admin (administrator) on SUBOTNIKOVA (LENOVO 10NS000DMC) (19-11-2024 17:01:03)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [210688 2015-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-12-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [Microsoft Edge Update] => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\MicrosoftEdgeUpdateCore.exe [268368 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911248 2024-11-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46525336 2024-09-18] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2024-08-23] (Adobe Inc. -> Adobe Systems Inc)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {73AFF84F-BC25-40CE-9741-CC5D41D10C8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {B6266A86-629C-4BB7-9138-4664933983AA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (No File)
Task: {4B8FDACC-D932-4A3B-BAF2-40A938330993} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (No File)
Task: {02627AB1-E914-45E9-A7A8-858D01B2FDEC} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {C95517C4-90F8-4705-B9E1-EB3A8D66B695} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-16] (HP Inc. -> HP Inc.)
Task: {9C0F3D65-0FB9-4462-B5C5-76E61A2B22E8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {5676E42E-83BC-4017-B61D-F2569C0E5D42} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE0A42B0-3DE2-470D-959F-F5797ED08086} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {47517ABE-3A89-4F20-9C0E-412C4085E3FB} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {51836913-F8DB-4088-B56B-1588D612C189} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A} => C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205880 2023-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA0292-089B-4818-8090-11752BF4A6B0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-13] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F5CE98CF-A801-4C06-8C34-9E0214F21F95} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3260051251-3003698751-2184876508-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-13] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {97E7813E-6112-4A54-AF6E-2AA755CC1AB0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-13] (Mozilla Corporation -> Mozilla Foundation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 8.8.8.8 1.1.1.1
Tcpip\..\Interfaces\{6b3ac2e9-1049-4fb1-a102-8a589bddfa08}: [DhcpNameServer] 10.0.1.1 8.8.8.8 1.1.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: wecs4sq7.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\wecs4sq7.default [2023-12-01]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 [2024-11-19]
FF Homepage: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013 -> hxxps://www.blancheporte.cz; hxxps://csuange071bc738pvdcg.enhanceconnection.co.in
FF Extension: (Advanced Image Search) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{9191eef4-82e8-4da5-81a1-dbba6fc650ea}.xpi [2024-07-07]
FF Extension: (Dark Tranquillity Angels) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\s82nlhr8.default-release-1720340111013\Extensions\{b106e190-78cc-404b-b621-2d37c7769801}.xpi [2024-07-07]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11335576 2024-09-18] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9433496 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LBAI; C:\Windows\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2024-04-15] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-21] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232024 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [201280 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [80448 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [189776 2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-19 17:01 - 2024-11-19 17:01 - 000017261 _____ C:\Users\Admin\Desktop\FRST.txt
2024-11-19 17:00 - 2024-11-19 17:01 - 000000000 ____D C:\FRST
2024-11-19 16:56 - 2024-11-19 17:00 - 002402816 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2024-11-19 16:56 - 2024-11-19 16:56 - 000000000 ____D C:\AdwCleaner
2024-11-19 16:43 - 2024-11-19 16:43 - 000189776 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-11-19 16:39 - 2024-11-19 17:00 - 000000000 ____D C:\Users\Admin\AppData\Local\Malwarebytes
2024-11-19 16:39 - 2024-11-19 16:39 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-11-19 16:39 - 2024-11-19 16:39 - 000002041 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-11-19 16:39 - 2024-11-19 16:39 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-11-19 16:39 - 2024-11-19 16:39 - 000000000 ____D C:\Program Files\Malwarebytes
2024-11-19 15:23 - 2024-11-19 15:23 - 002441738 _____ C:\Users\Admin\Desktop\m.psd
2024-11-18 11:30 - 2024-11-18 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2024-11-16 20:24 - 2024-11-16 20:24 - 000211974 _____ C:\Users\Admin\Downloads\Faktura_0014631688_4797202100_2443047202.PDF
2024-11-13 07:58 - 2024-11-17 19:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-12 19:41 - 2024-11-12 19:41 - 000000000 ___HD C:\$WinREAgent
2024-11-07 18:35 - 2024-11-07 18:35 - 000001195 _____ C:\Users\Admin\Desktop\Kia Sportage_Návod k obsluze.lnk
2024-11-04 21:21 - 2024-11-04 21:23 - 000078522 _____ C:\Users\Admin\Desktop\Rozvrh-ZS_2024.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-19 16:58 - 2023-12-01 14:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-19 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-19 16:42 - 2023-12-01 15:45 - 000000000 ____D C:\Program Files\EZ CD Audio Converter
2024-11-19 16:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-11-19 16:39 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-11-19 16:27 - 2023-12-01 15:45 - 000000000 ____D C:\ProgramData\TEMP
2024-11-19 16:22 - 2023-11-27 16:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-11-19 16:22 - 2023-11-27 15:16 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2024-11-19 08:13 - 2023-11-27 15:38 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2024-11-18 22:42 - 2023-12-04 16:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Mp3tag
2024-11-18 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-11-18 11:30 - 2023-12-04 16:11 - 000000000 ____D C:\Program Files\Mp3tag
2024-11-18 11:23 - 2023-12-18 23:15 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2024-11-17 20:04 - 2023-11-27 15:21 - 001694140 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-17 20:04 - 2019-12-07 15:43 - 000717008 _____ C:\Windows\system32\perfh005.dat
2024-11-17 20:04 - 2019-12-07 15:43 - 000145186 _____ C:\Windows\system32\perfc005.dat
2024-11-17 19:57 - 2023-12-01 14:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-17 19:57 - 2023-11-27 16:12 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-17 19:57 - 2023-11-27 16:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-17 19:57 - 2023-05-05 13:28 - 000000000 ____D C:\Windows\SystemTemp
2024-11-17 19:57 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-11-17 19:57 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-17 15:29 - 2023-12-01 15:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2024-11-17 14:56 - 2023-11-27 15:16 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2024-11-17 09:09 - 2023-11-27 16:12 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-17 09:09 - 2023-11-27 16:12 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-11-16 17:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-14 07:51 - 2023-11-27 15:18 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2024-11-14 07:51 - 2023-11-27 15:18 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3260051251-3003698751-2184876508-1001
2024-11-14 07:51 - 2023-11-27 15:16 - 000002422 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-13 15:55 - 2023-12-01 15:30 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office
2024-11-13 09:46 - 2023-12-01 14:17 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-13 09:45 - 2023-12-01 14:17 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-12 21:20 - 2023-11-27 16:12 - 000437832 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-12 21:20 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2024-11-12 21:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-11-12 19:46 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-11-12 19:44 - 2023-11-27 15:14 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-11-12 19:36 - 2023-11-27 15:18 - 000000000 ____D C:\Windows\system32\MRT
2024-11-12 19:35 - 2023-11-27 15:18 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-10 09:55 - 2023-11-27 16:12 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-10 09:55 - 2023-11-27 16:12 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-09 20:07 - 2023-12-01 13:39 - 000003980 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001UA{152E6660-A07E-4644-B395-8FEB8768CA9A}
2024-11-09 20:07 - 2023-12-01 13:39 - 000003916 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3260051251-3003698751-2184876508-1001Core{345A1CD2-8F45-4CFA-9785-0D4EAC18957A}
2024-11-04 16:02 - 2024-04-12 07:22 - 000001614 _____ C:\darkaneH2.rar
2024-11-03 20:08 - 2024-06-18 11:04 - 000000000 ____D C:\Users\Admin\Desktop\faktury
2024-11-03 10:11 - 2024-08-30 08:23 - 000000000 ____D C:\Users\Admin\Downloads\kosma
2024-11-03 10:10 - 2024-06-27 06:05 - 000000000 ____D C:\Users\Admin\Downloads\Tyršova 402
2024-11-01 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2024-10-31 13:40 - 2024-07-28 18:36 - 000000837 _____ C:\Users\Admin\Desktop\kia kola.txt
2024-10-31 07:26 - 2023-11-27 16:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-10-26 08:06 - 2024-06-18 10:04 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-10-21 16:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\appcompat
==================== Files in the root of some directories ========
2023-12-01 16:48 - 2023-12-01 16:48 - 000000410 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log
2024-02-12 22:28 - 2024-02-12 22:28 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Admin (19-11-2024 17:01:52)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2023-11-27 14:14:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-3260051251-3003698751-2184876508-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3260051251-3003698751-2184876508-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3260051251-3003698751-2184876508-503 - Limited - Disabled)
Guest (S-1-5-21-3260051251-3003698751-2184876508-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3260051251-3003698751-2184876508-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.003.20054 - Adobe)
Adobe Audition 2023 (HKLM-x32\...\AUDT_23_3) (Version: 23.3 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_4_1) (Version: 25.4.1 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_1) (Version: 25.1.0.120 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.12.8.4321 - Steinberg Media Technologies GmbH)
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 11.0.2 - Poikosoft)
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10120.11107 - Realtek Semiconductor Corp.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.7.621167 - Logitech)
Malwarebytes version 5.2.2.154 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.2.154 - Malwarebytes)
Microsoft Access MUI (Czech) 2016 (HKLM\...\{90160000-0015-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2016 (HKLM\...\{90160000-0090-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.80 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2016 (HKLM\...\{90160000-0016-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2016 (HKLM\...\{90160000-00BA-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2016 (HKLM\...\{90160000-0044-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2016 (HKLM\...\{90160000-00E1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2016 (HKLM\...\{90160000-00E2-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2016 (HKLM\...\{90160000-002C-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2016 (HKLM\...\{90160000-00C1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2016 (HKLM\...\{90160000-006E-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\OneDriveSetup.exe) (Version: 24.211.1020.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2016 (HKLM\...\{90160000-00A1-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2016 (HKLM\...\{90160000-001A-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2016 (HKLM\...\{90160000-0018-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2016 (HKLM\...\{90160000-0019-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (Czech) 2016 (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2016 (HKLM\...\{90160000-001B-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 132.0.2 (x64 cs)) (Version: 132.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla)
Mp3tag v3.28 (HKLM\...\Mp3tag) (Version: 3.28 - Florian Heidenreich)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Navigation Updater (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\{cc421fe9-06b3-474a-809a-80908170203b}) (Version: 2.2.3.8 - HYUNDAI MOTOR GROUP)
Steinberg Activation Manager (HKLM\...\{0224CA8C-FD43-4397-94CE-319B9471016A}) (Version: 1.4.40 - Steinberg Media Technologies GmbH)
Steinberg Cubase 13 (HKLM\...\{2B68F691-AC02-46E5-B548-70C95A995DD9}) (Version: 13.0.20 - Steinberg Media Technologies GmbH)
Steinberg Download Assistant (HKLM-x32\...\Steinberg Download Assistant) (Version: 1.35.0 - Steinberg Media Technologies GmbH)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.30 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 5 (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 5.1.20 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 7 (HKLM\...\{69043884-EB60-4C9A-9C41-3303C319E1A8}) (Version: 7.0.20 - Steinberg Media Technologies GmbH)
Steinberg Install Assistant (HKLM\...\{2E7DF371-6034-4FC7-AE30-100AC21A1003}) (Version: 1.2.2 - Steinberg Media Technologies GmbH)
Steinberg Library Manager (HKLM\...\{AA78592A-F13C-4C8E-B849-7A398001FA7F}) (Version: 3.2.40 - Steinberg Media Technologies GmbH)
Steinberg MediaBay (HKLM\...\{9529D195-8127-42F5-BA54-8D862E941920}) (Version: 1.1.20 - Steinberg Media Technologies GmbH)
Steinberg Padshop 2 (HKLM\...\{6FBAF5EF-816E-4D80-BFBE-8B237EEA4CD4}) (Version: 2.2.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 2.4.0 - Steinberg Media Technologies GmbH)
Steinberg SpectraLayers 10 (HKLM\...\424abc1e-aca9-452c-8b47-4klc6fh21b36_is1) (Version: 10.0.40.339 - Steinberg)
TIDAL (HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\TIDAL) (Version: 2.36.2 - TIDAL Music AS)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-16] (HP Inc.)
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0 [2024-11-15] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm [2024-11-14] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [EzCd] -> {E46D6DC6-9707-43a9-BDBB-0BDBDD096F90} => C:\Program Files\EZ CD Audio Converter\ezcd64.dll [2022-09-23] (Poikosoft -> Poikosoft)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2024-08-08] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igfxDTCM.dll [2017-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-12-04] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-11-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-01-17] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2024-08-23 11:19 - 2024-08-23 11:19 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-08-23] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2024-09-10 13:25 - 000003164 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com
127.0.0.1 license.adobe.com
127.0.0.1 helpexamples.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm-prd-da1.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate-da1.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 uds.licenses.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys
Ethernet: Intel(R) Ethernet Connection (5) I219-LM -> e1d68x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtsCM"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001\...\StartupApproved\Run: => "LGHUB"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C7FB50D1-BC78-4825-88D4-3E09FA63E69F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6E10C3A-A21B-408F-9C8F-1B69042A1EC0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{540B133E-829B-4D85-BAEE-5BC28B52D6D6}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{62D4249A-6E78-4F84-9004-21FAE461849E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF74FB05-0D42-45B3-A267-CD31C1F97F82}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FB41EE1-8A74-499A-8265-73ABDB6EC6DC}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04E08BFB-0733-40BE-ACDF-D75D6A1A68D7}] => (Allow) LPort=51111
FirewallRules: [{E6172851-7891-4212-AEA7-23B2560818CC}] => (Allow) LPort=51112
FirewallRules: [{51E55083-E014-4BE8-97DD-8EC008244560}] => (Allow) LPort=51113
FirewallRules: [{8AE1A497-5CAF-4B37-A95A-CB19B07263C1}] => (Allow) C:\Program Files\Steinberg\Cubase 13\Cubase13.exe (Steinberg Media Technologies GmbH -> Steinberg Media Technologies)
FirewallRules: [{6E0C8B92-196C-4E04-B5A2-2CC4897A2AFB}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [{DB04B26E-B4DE-495E-B254-F5396EEB2C7F}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed]
FirewallRules: [TCP Query User{0C3CA86C-FB5C-41D6-8BE5-9E2C01E5A1F0}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [UDP Query User{0EC0C7DD-376C-499B-865D-FD3569A107F7}C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe] => (Allow) C:\users\admin\appdata\local\tidal\app-2.36.2\tidal.exe (TIDAL Music AS -> TIDAL Music AS)
FirewallRules: [{7F06F154-D562-479D-ABBA-688B5550A8AB}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{26169149-D6EE-4CB6-9982-F574CE060612}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{615ABAB5-389E-4E92-B1EC-9DE0321A0E74}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{614A2360-1566-428E-AFBC-656D47A9EDB2}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\Adobe Audition.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F1E80103-3E86-4AE2-83B6-6F2CAD12FE78}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{85739B14-C9B9-4B42-A9F6-5F146381920D}] => (Block) C:\Program Files\Adobe\Adobe Audition 2023\AdobeCrashReport.exe (Adobe Inc. -> Adobe)
FirewallRules: [{F40957CA-C45C-4EA9-82D1-69F4C6AE7DD2}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{A36C7630-3F11-4D8B-A669-F45A93CC2AA4}] => (Block) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [TCP Query User{28A5E507-0A58-4EC5-ADA7-B73D962F9A6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{61B900CC-DBF2-4937-9E07-DCF1372A7801}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
FirewallRules: [{A1A5C4AD-34CC-404A-BF6C-6552A75324BA}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{88A9B3FC-FE86-491A-996E-C54BB956DF51}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{21D5BF93-665C-4E01-8B6D-681FDC12D93E}] => (Allow) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{5A7638CC-5C35-435C-8704-C9740234DDD0}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{151BB3CA-C26F-4342-BA03-A0C26EE94602}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BEFEB57-61F8-46A9-93EE-1DF9DDE50117}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2E99019-B4FF-43C8-B948-F41DC2EF33A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9424A9-132F-419F-A62C-0AD3BC54B29F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{526FF2CF-A304-448C-93ED-B161B966C65F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DFCA0BA-49C7-478E-8CFD-8F6C9C47659C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C5B337BC-ACC6-4B12-ABE4-99BB35626BB6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B508153-F164-4A6F-AC6F-19266A94C661}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A57A6B7-DBDB-4770-97D9-57E4D5D6374B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E7588D31-4C1A-42BF-B418-1FC9D9672DD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E60F40D5-0496-4F39-BAC9-42201B58D1BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{27BE8CD0-D32F-44AA-A14D-6D00C60DFACF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1506B091-2EC1-4341-AC96-C46C8629E920}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0549674B-F355-4C4B-8694-E83B66E55D4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{845186AB-6AEB-4BE7-8126-DE0D3E42450D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
12-11-2024 19:38:09 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/18/2024 11:23:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Photos.exe, verze: 0.0.0.0, časové razítko: 0x67105e8f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x688f8c4b
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002a9c0
ID chybujícího procesu: 0x24a8
Čas spuštění chybující aplikace: 0x01db39a3c586c8e2
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11100.16009.0_x64__8wekyb3d8bbwe\Photos.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 35d1cd7c-3369-41c7-a829-891e43ff6aa9
Úplný název chybujícího balíčku: Microsoft.Windows.Photos_2024.11100.16009.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (11/13/2024 04:06:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.5129 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 18a8
Čas spuštění: 01db359884fd3789
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: d0f86ee8-c37f-405b-ab0a-bc23a6dbd8f3
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Cross-thread
Error: (11/13/2024 08:18:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/06/2024 08:51:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/03/2024 08:54:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Acrobat.exe verze 24.3.20054.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1d70
Čas spuštění: 01db2dc59d9b2ab8
Čas ukončení: 17
Cesta k aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
ID hlášení: b8f505af-a99e-4e39-87cb-f5ec6bc1c6b9
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (10/30/2024 08:03:20 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (10/23/2024 09:45:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na darkane (X:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (10/18/2024 05:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HPPrintScanDoctorService.exe, verze: 6.1.0.0, časové razítko: 0x66f3a61f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x688f8c4b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff3c9
ID chybujícího procesu: 0x21c0
Čas spuštění chybující aplikace: 0x01db1fe24c859de8
Cesta k chybující aplikaci: C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 510c30d8-df6e-4f45-893e-8f67da9193c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba LGHUB Updater Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Zabezpečení Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/19/2024 04:57:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2024-11-19 08:24:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1F70A28C-0D96-4A05-8FF4-A90F2F251A02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-17 09:42:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7663B7CA-56D2-4997-9AED-C53F2D185D96}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-16 15:18:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6036481A-ED6E-434A-A7ED-027787ABCACE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-15 07:58:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8B578602-2E08-4ACE-95EA-92A60A4C2A35}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-14 08:05:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {35F9E5F4-EA5F-4A9E-B8FA-135CFD96770F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2024-11-19 16:43:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-11-19 16:43:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-11-19 14:48:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d44295a98a21a376\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO M1BKT39A 06/21/2018
Motherboard: LENOVO 3110
Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 52%
Total physical RAM: 8085.54 MB
Available physical RAM: 3870.6 MB
Total Virtual: 9365.54 MB
Available Virtual: 4909.56 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.85 GB) (Free:60.64 GB) (Model: SAMSUNG MZVLB256HAHQ-000L7) NTFS
\\?\Volume{8144f54e-3bbb-42c6-83fd-da2c9438b167}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{d2e7f574-4665-4502-9997-dfa479443cd8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4596D9D7)
Partition: GPT.
==================== End of Addition.txt =======================

Log check - virus
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that remain inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
Re: Log check - virus
Open Notepad and copy the following into it:
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
EmptyTemp:
Hosts:
End
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log check - virus
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2024
Ran by Admin (19-11-2024 20:29:56) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.187.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.21\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Admin\Desktop\FRST64.exe:MBAM.Zone.Identifier [193]
AlternateDataStreams: C:\ProgramData\TEMP:8934AEBA [138]
FirewallRules: [{44C47485-6A04-4B2C-B880-213BA4CFD196}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{FD18C406-BBFA-47EE-91F4-F4A0DA426297}] => (Allow) C:\Users\Admin\Downloads\A\hitpaw-edimakor_11722359572270139901.exe => No File
FirewallRules: [{E0D85741-E5A5-4CEC-B65A-396697BEE711}] => (Allow) C:\Users\Admin\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000} => removed successfully
"HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CCustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{5FC44EBC-3A1F-4FBB-85E5-34405788C8D7}" => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A} => removed successfully
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => removed successfully
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Admin\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\ProgramData\TEMP => ":8934AEBA" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44C47485-6A04-4B2C-B880-213BA4CFD196}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD18C406-BBFA-47EE-91F4-F4A0DA426297}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0D85741-E5A5-4CEC-B65A-396697BEE711}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 467944115 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 16727301 B
Edge => 0 B
Firefox => 1409558005 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 5120 B
ProgramData => 5120 B
Public => 5120 B
systemprofile => 22159 B
systemprofile32 => 22159 B
LocalService => 26411 B
NetworkService => 323545 B
Admin => 231555722 B
RecycleBin => 1225 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:53:21 ====
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{6DD6748E-7DAE-47EF-B4D5-03AA1B06D697} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A} => removed successfully
CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => removed successfully
ustomCLSID: HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\Admin\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{AE1542A7-3989-481B-93A9-1500C5F56B14} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C} => not found
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A} => removed successfully
HKU\S-1-5-21-3260051251-3003698751-2184876508-1001_Classes\CLSID\{F1658933-2997-4DDB-869C-061D53A9718E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Admin\Desktop\FRST64.exe => ":MBAM.Zone.Identifier" ADS removed successfully
C:\ProgramData\TEMP => ":8934AEBA" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44C47485-6A04-4B2C-B880-213BA4CFD196}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD18C406-BBFA-47EE-91F4-F4A0DA426297}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0D85741-E5A5-4CEC-B65A-396697BEE711}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 467944115 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 16727301 B
Edge => 0 B
Firefox => 1409558005 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 5120 B
ProgramData => 5120 B
Public => 5120 B
systemprofile => 22159 B
systemprofile32 => 22159 B
LocalService => 26411 B
NetworkService => 323545 B
Admin => 231555722 B
RecycleBin => 1225 B
EmptyTemp: => 2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:53:21 ====
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: log check - virus
Deleted. Is it still showing up?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: log check - virus
Nothing is popping up anymore, all is quiet.
Great, thank you very much
jarda
- Rudy
- Site Admin
- Posts: 119314
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: log check - virus
Glad to hear it, and you're welcome!