Děkuji za pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-10-2025
Ran by Josef (administrator) on DESKTOP-48IIME6 (28-10-2025 16:37:47)
Running from C:\Users\Josef\Downloads\FRST64.exe
Loaded Profiles: Josef
Platform: Microsoft Windows 10 Home Version 22H2 19045.6456 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <48>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [860840 2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 2020-09-25] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\Run: [AvastBrowserAutoLaunch_BD060EC42275EA2576C87351A14E6DA1] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3728592 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41579480 2025-09-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\WINDOWS\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-10-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.123\Installer\chrmstp.exe [2025-10-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\140.0.32350.210\Installer\chrmstp.exe [2025-10-17] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {6A00F207-13DE-4858-866B-02C3F3F559F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {5DFD4CAA-FBF0-431C-9792-1907FD71D4BA} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [891576 2019-07-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B4BA56BD-7C57-4D0A-AF55-A78A649550C8} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [2356736 2019-04-15] () [File not signed]
Task: {2BE72EAC-CFEC-425B-A470-69F83736CEC9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-07-24] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F52164E3-7588-481E-9AC2-E1FB3E8E33D8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3728592 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7E87F638-A68A-41FA-A69A-8893D4FD943A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3728592 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5CC6488F-A0E0-481A-980B-EB275060CF53} - System32\Tasks\Avast Secure Browser VPS Differential Update => C:\Program Files (x86)\AVAST Software\Browser\Application\vps_helper.exe [1872304 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {DE7E7082-1C01-44B9-B583-47703037D488} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9146080 2025-10-07] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {6A40B53B-9172-4561-AE1F-9B82DB74B435} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5612712 2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {BEB56111-308D-4310-BAC9-0525B66BADFD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2977504 2025-10-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {946633F1-7FBF-4A47-83B0-363DBD658FDF} - System32\Tasks\AvastBrowserProtectS-1-5-21-1013055450-3175268133-1421200633-1002 => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe [1762528 2025-09-11] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {829C345E-D09D-484E-9DB1-E901A9C9964A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {CC7BB785-36EE-4D49-A62A-F33B69E5402D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {853525F8-B947-410B-A08A-9FDCA7D344F4} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{F7BA238E-A0AD-4C6A-9291-B58F847C73F2} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {D6C493F2-047D-40DE-B937-0174BF123003} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-07-24] (Advanced Micro Devices, Inc.) [File not signed]
Task: {3330B5A3-3DF1-413E-BB8E-236C4CB1C54D} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1013055450-3175268133-1421200633-1002 D326208B1CBD9B99 => C:\Users\Josef\AppData\Local\Mozilla Firefox\firefox.exe [692864 2025-09-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION
Task: {73CD3859-1408-4B3A-808C-CE7FE3C2BC12} - System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => C:\Users\Josef\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34944 2025-09-17] (Mozilla Corporation -> Mozilla Foundation) <==== ATTENTION
Task: {40EAF276-AC9C-4EEB-BBE0-CA320F8BC8CF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [796600 2022-03-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {37C74B02-3B57-45EE-8141-FD0DE3C9709E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1013055450-3175268133-1421200633-1002 => C:\Users\Josef\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDriveLauncher.exe [725880 2025-10-27] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
Task: {5FE921D0-04E5-4CBE-93CF-88A0E5ECD82B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-07-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3C597222-898E-4DD5-9B46-24E2A22D2DA5} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-07-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3a262a91-35dc-448b-a021-f5654950372a}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Josef\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-28]
Edge DownloadDir: Default -> C:\Users\Josef\Downloads
Edge Extension: (Dokumenty Google offline) - C:\Users\Josef\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-22]
Edge Extension: (Edge relevant text changes) - C:\Users\Josef\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-06]
FireFox:
========
FF DefaultProfile: tndwz0ab.default
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\knw5xco3.default-release-1 [2025-10-24]
FF Homepage: Mozilla\Firefox\Profiles\knw5xco3.default-release-1 -> hxxps://www.google.cz/
FF Notifications: Mozilla\Firefox\Profiles\knw5xco3.default-release-1 -> hxxps://bl.dates2flirt.com; hxxps://www.heureka.cz; hxxps://www.knihcentrum.cz
FF Extension: (AdBlocker Ultimate) - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\knw5xco3.default-release-1\Extensions\adblockultimate@adblockultimate.net.xpi [2025-04-18]
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\tndwz0ab.default [2019-10-17]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\tndwz0ab.default\Extensions\sp@avast.com.xpi [2019-10-17]
FF ProfilePath: C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\j9wzxwor.default-release [2024-04-02]
FF Homepage: Mozilla\Firefox\Profiles\j9wzxwor.default-release -> hxxps://www.google.cz/
FF Notifications: Mozilla\Firefox\Profiles\j9wzxwor.default-release -> hxxps://notification-centar.com; hxxps://www1.premiumpushnotification.com; hxxps://www2.premiumpushnotification.com; hxxps://www.sport.cz; hxxps://www.chess.com; hxxps://www.seniorpasy.cz; hxxps://www.kurzy.cz; hxxps://www.hollywoodreporter.com
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\j9wzxwor.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2022-03-13]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default [2025-10-28]
CHR Notifications: Default -> hxxps://6neg7ohy4o94x8.solarisbotshield.co.in; hxxps://buffstreams.vip; hxxps://d3sht6u071bc73872tjg.solarisbotshield.co.in; hxxps://www.chess.com; hxxps://www.letakomat.cz
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Seznam Doplněk – Email) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2025-02-11]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-10-17]
CHR Extension: (Avast SafePrice) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2025-07-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR Extension: (Seznam.cz) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2025-03-14]
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\System Profile [2025-09-17]
CHR HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7812264 2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1035944 2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1089192 2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\140.0.32350.210\elevation_service.exe [2637712 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21048 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [245816 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390712 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [302648 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [85560 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-07-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [31288 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [285240 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [580664 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [92216 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71224 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [878136 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1283640 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213560 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [391736 2025-10-23] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 athur; C:\WINDOWS\System32\drivers\athuw8x.sys [2919936 2013-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-28 16:37 - 2025-10-28 16:38 - 000022652 _____ C:\Users\Josef\Downloads\FRST.txt
2025-10-28 16:37 - 2025-10-28 16:38 - 000000000 ____D C:\FRST
2025-10-28 16:37 - 2025-10-28 16:37 - 002443264 _____ (Farbar) C:\Users\Josef\Downloads\FRST64.exe
2025-10-28 15:50 - 2025-10-28 15:50 - 007724460 _____ C:\Users\Josef\Documents\DESKTOP-48IIME6.arn
2025-10-28 15:43 - 2025-10-28 15:43 - 000000000 ____D C:\Users\Josef\Downloads\Autoruns
2025-10-28 15:42 - 2025-10-28 15:42 - 002932380 _____ C:\Users\Josef\Downloads\Autoruns.zip
2025-10-23 19:41 - 2025-10-23 19:41 - 000323240 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2025-10-18 18:04 - 2025-10-18 18:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-17 18:00 - 2025-10-17 18:00 - 000003654 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser VPS Differential Update
2025-10-01 17:57 - 2025-10-01 17:57 - 000291795 _____ C:\Users\Josef\Downloads\CST065_6590.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-28 16:32 - 2020-09-04 19:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-28 16:03 - 2022-01-04 16:31 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-28 16:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-28 15:55 - 2020-09-04 20:04 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-10-28 15:55 - 2019-12-07 15:41 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2025-10-28 15:55 - 2019-12-07 15:41 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2025-10-28 15:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-10-28 15:51 - 2025-01-02 09:58 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-10-28 15:51 - 2020-09-04 20:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-28 15:51 - 2020-09-04 19:54 - 000008192 ___SH C:\DumpStack.log.tmp
2025-10-28 15:51 - 2019-10-17 19:05 - 000000000 ____D C:\ProgramData\AVAST Software
2025-10-28 15:50 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-10-28 15:50 - 2019-10-08 13:43 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2025-10-27 18:40 - 2025-02-06 21:03 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1013055450-3175268133-1421200633-1002
2025-10-27 18:40 - 2021-12-13 15:01 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1013055450-3175268133-1421200633-1002
2025-10-27 18:40 - 2020-09-04 20:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1013055450-3175268133-1421200633-1002
2025-10-27 18:40 - 2020-09-04 19:55 - 000002383 _____ C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-27 18:40 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-27 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-25 19:01 - 2020-12-31 15:23 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-25 10:52 - 2020-06-05 17:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-25 10:46 - 2020-09-04 20:01 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-25 10:46 - 2020-09-04 20:01 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-24 17:36 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-10-23 19:41 - 2020-10-18 09:11 - 000285240 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2025-10-23 19:41 - 2020-09-04 20:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-10-23 19:41 - 2020-04-15 05:21 - 000580664 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 001283640 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000878136 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000391736 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000390712 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000302648 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000245816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000092216 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000085560 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000071224 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000031288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2025-10-23 19:41 - 2019-10-17 19:07 - 000021048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2025-10-22 19:32 - 2020-09-04 19:54 - 000442192 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-22 19:31 - 2020-09-04 20:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-22 19:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-17 18:00 - 2022-08-08 09:18 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-10-17 18:00 - 2022-08-08 09:18 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2025-10-15 18:10 - 2019-10-22 05:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-15 18:08 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-15 18:08 - 2019-10-22 05:06 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-15 18:05 - 2020-09-04 19:59 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-15 17:57 - 2019-10-17 18:25 - 000000000 ____D C:\Users\Josef\AppData\Local\D3DSCache
2025-10-15 10:47 - 2020-09-04 19:55 - 000000000 ____D C:\Users\Josef
2025-10-14 16:23 - 2020-09-04 20:01 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-10-14 16:23 - 2020-09-04 20:01 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1013055450-3175268133-1421200633-500
2025-10-14 16:23 - 2020-09-04 20:01 - 000002686 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2025-10-14 16:23 - 2020-09-04 20:01 - 000002654 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2025-10-14 16:23 - 2020-09-04 20:01 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2025-10-14 16:23 - 2020-09-04 20:01 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2025-10-14 16:23 - 2020-09-04 20:01 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2025-10-05 19:44 - 2021-06-01 13:42 - 000000000 ____D C:\Users\Josef\AppData\Local\Avast Software
2025-10-05 19:41 - 2023-12-07 21:00 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
==================== Files in the root of some directories ========
2025-04-04 20:01 - 2025-04-04 20:02 - 000005632 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2025
Ran by Josef (28-10-2025 16:39:00)
Running from C:\Users\Josef\Downloads
Microsoft Windows 10 Home Version 22H2 19045.6456 (X64) (2020-09-04 19:01:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1013055450-3175268133-1421200633-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1013055450-3175268133-1421200633-503 - Limited - Disabled)
Guest (S-1-5-21-1013055450-3175268133-1421200633-501 - Limited - Disabled)
Josef (S-1-5-21-1013055450-3175268133-1421200633-1002 - Administrator - Enabled) => C:\Users\Josef
WDAGUtilityAccount (S-1-5-21-1013055450-3175268133-1421200633-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20756 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.115 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.67 - Advanced Micro Devices, Inc.) Hidden
AMD Problem Report Wizard (HKLM\...\{E7A5ACED-6584-4E41-9FF9-06315FEDD9D7}) (Version: 3.1.723 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 4.10.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 4.0.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver Alpha (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.7.3 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{5D15C874-3E6B-4F55-AFB2-E73560F2F44F}) (Version: 1.07.07.0725 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.07.07.0725 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.10.10528.3189 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 140.0.32350.210 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
CZC startovač (HKLM-x32\...\CZC_startovac) (Version: 1.0.0 - CZC.cz)
Excel (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Fakturky 5.3F (HKLM-x32\...\%Product_Name% 5.3F ) (Version: 5.3F - Milan Bánovský)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.123 - Google LLC)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
IrfanView 4.66 (64-bit) (HKLM\...\IrfanView64) (Version: 4.66 - Irfan Skiljan)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.99 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.99 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\OneDriveSetup.exe) (Version: 25.189.0928.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24212 (HKLM-x32\...\{844ECB74-9B63-3D5C-958C-30BD23F19EE4}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24212 (HKLM-x32\...\{37B55901-995A-3650-80B1-BBFD047E2911}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.14.26429 (HKLM\...\{B12F584A-DE7A-3EE3-8EC4-8A64DBC0F2A7}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.14.26429 (HKLM\...\{03EBF679-E886-38AD-8E70-28658449F7F9}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\Mozilla Firefox 143.0 (x64 cs)) (Version: 143.0 - Mozilla)
Mozilla Firefox (x86 en-US) (HKLM-x32\...\Mozilla Firefox 98.0.1 (x86 en-US)) (Version: 98.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{53a7b4f4-89ff-44a2-811b-24f1542f381b}) (Version: - Nero AG)
Nero ControlCenter (HKLM-x32\...\{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}) (Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (HKLM-x32\...\{e8a80433-302b-4ff1-815d-fcc8eac482ff}) (Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (HKLM-x32\...\{dba84796-8503-4ff0-af57-1747dd9a166d}) (Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (HKLM-x32\...\{7748ac8c-18e3-43bb-959b-088faea16fb2}) (Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (HKLM-x32\...\{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}) (Version: 9.4.10.100 - Nero AG) Hidden
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
Outlook (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Scan to PDF (HKLM-x32\...\Scan to PDF) (Version: 2.50 - Softi Software)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Word (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Chrome apps:
============
Centrum (HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\...\23f1054b37799f2f13ba2fb1c1bc3e3b) (Version: 1.0 - Google\Chrome)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-10-05] ()
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_10.7.2.0_x64__kgqvnymyfvs32 [2025-10-15] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_4.17.2.0_x64__kgqvnymyfvs32 [2025-10-27] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-03] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-12-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-17] (Microsoft Corporation) [MS Ad]
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0 [2025-10-27] (Spotify AB) [Startup Task]
Wings of War: Space shooter -> C:\Program Files\WindowsApps\XDEVS.WingsofWarGame_3.30.5.0_x64__7yw2516a0mwqy [2025-07-29] (XDEVS LIMITED)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1013055450-3175268133-1421200633-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1013055450-3175268133-1421200633-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1013055450-3175268133-1421200633-1002_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Josef\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1013055450-3175268133-1421200633-1002_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Josef\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1013055450-3175268133-1421200633-1002_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-23] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Josef\Desktop\Centrum.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gafhdfohddhkcbifoalagkjndhmdnapa
ShortcutWithArgument: C:\Users\Josef\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_gafhdfohddhkcbifoalagkjndhmdnapa\Centrum.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gafhdfohddhkcbifoalagkjndhmdnapa
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Centrum.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gafhdfohddhkcbifoalagkjndhmdnapa
ShortcutWithArgument: C:\Users\Josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Centrum.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gafhdfohddhkcbifoalagkjndhmdnapa
==================== Loaded Modules (Whitelisted) =============
2009-10-15 10:13 - 2009-10-15 10:13 - 000061440 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000964096 _____ () [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000032768 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000031744 _____ (HP) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-07-24 17:24 - 2019-07-24 17:24 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 11:57 - 2019-01-08 11:57 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 11:58 - 2019-01-08 11:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Wi-Fi: TP-LINK Wireless USB Adapter -> athuw8x.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1013055450-3175268133-1421200633-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 0) (TamperProtectionSource: )
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{FD066045-0B1E-4823-AD0D-1F6F8018BCF2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A366D502-16A0-4430-A540-BBDA0ABD001F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{2B5FEB38-BAE6-47B8-97D2-CBDED1DF1775}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{1E504421-39B8-477D-AD3D-ED4B8E1258BB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2F40F03-73E3-48BD-B33B-44CC35EB2DC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E13CA724-0D35-40D6-B91E-2B8E27499278}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4BFF3012-0351-4E3B-B0BD-C247B1C0177C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{13934955-6237-4386-8FF6-851E43CCDBAE}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [TCP Query User{55AF18C8-961F-4153-9C4F-1EB4C47904BC}C:\users\josef\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\josef\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{EEF667CE-172C-4519-AD87-09241EBE982A}C:\users\josef\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\josef\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{80611AF7-77E9-47BE-87B2-E23985AF9813}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{A1DD3F34-CB3A-4459-B57F-4627FEC61E27}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{656D2D56-1583-4286-B26A-64CCBA1D4F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A20FFFC-FE7B-48B0-AB14-D442F307D289}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE8C5F83-7B9E-4922-9986-6823C8EAEBF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DE49EF03-C2AD-45B9-B177-CCA0A2985D43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BA7F45E-D333-40A0-8533-52C74D871EB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{641B24DB-E771-478A-9241-D24093FD33FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61B23FA0-821E-4787-89DC-87C0BA8D8927}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EA01671E-9AB7-47EC-BF2F-3927B3CC7041}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A897C3D-EF5B-4F2F-94C0-A443E5A25EDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0C9C2ACF-7754-4D70-B6A6-93F5D67511C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EA61137B-05FE-4FFE-854F-2FE1C13A078B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DED42D9E-0835-48DE-ABBC-E8EB400B68D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D69793F2-7B0A-4095-9B6A-7A855A7BB21E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
==================== Restore Points =========================
15-10-2025 17:47:28 Instalační služba modulů systému Windows
15-10-2025 17:57:42 Instalační služba modulů systému Windows
15-10-2025 18:00:03 Instalační služba modulů systému Windows
28-10-2025 16:04:49 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/28/2025 03:43:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\Josef\Downloads\Autoruns\Autoruns.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.6456_none_a865dda286726b5c.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.6456_none_60b8a6cb71f64256.manifest.
Error: (10/14/2025 04:26:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.6392 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: dc
Čas spuštění: 01dc3d187568d3ca
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: 456f30ab-ed78-49dc-abc0-8ef31d307923
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (10/14/2025 04:25:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program TOTALCMD64.EXE verze 8.5.1.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 34a0
Čas spuštění: 01dc3d1d744a485a
Čas ukončení: 26
Cesta k aplikaci: C:\totalcmd\TOTALCMD64.EXE
ID hlášení: c9480496-4740-4ad0-a43d-92655eefeb76
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (09/18/2025 09:06:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (09/18/2025 09:06:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (09/18/2025 09:06:55 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (09/07/2025 03:13:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Setup.exe_Microsoft Setup Bootstrapper, verze: 14.0.4755.1000, časové razítko: 0x4b989df1
Název chybujícího modulu: combase.dll, verze: 10.0.19041.6093, časové razítko: 0xbaebc921
Kód výjimky: 0xc0000005
Posun chyby: 0x00102644
ID chybujícího procesu: 0x271c
Čas spuštění chybující aplikace: 0x01dc20017b631736
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 57b8e889-6ab8-4760-904a-69c1e4c14d20
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/24/2025 04:27:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
System errors:
=============
Error: (10/28/2025 03:56:09 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:1804;OEMModelNumber:System Product Name;OEMModelBaseBoard:TUF B450-PRO GAMING;OEMModelSystemFamily:To be filled by O.E.M.;OEMManufacturerName:System manufacturer;OEMModelSKU:SKU;OSArchitecture:amd64;
BucketId: aedfe27782d4d78aed57c90325b0929a5c1933cf09378dfb10a3a439f0a931b7
BucketConfidenceLevel:
UpdateType: 0
HResult: 0
Error: (10/28/2025 03:53:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/28/2025 03:53:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/28/2025 03:50:39 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2147500053.
Error: (10/24/2025 06:07:31 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (10/24/2025 06:07:31 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (10/24/2025 06:07:31 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (10/24/2025 06:07:31 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
CodeIntegrity:
===============
Date: 2025-10-15 11:47:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1804 07/29/2019
Motherboard: ASUSTeK COMPUTER INC. TUF B450-PRO GAMING
Processor: AMD Ryzen 3 2200G with Radeon Vega Graphics
Percentage of memory in use: 65%
Total physical RAM: 8117.57 MB
Available physical RAM: 2814.35 MB
Total Virtual: 10352.92 MB
Available Virtual: 2120.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.31 GB) (Free:291.36 GB) (Model: ADATA SX6000LNP) NTFS
\\?\Volume{94f877b3-ce1b-4d90-b581-d96ea7c0cec3}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{feed145c-9292-4c42-955e-f508c710ef6d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakující okna v prohlížeči
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119609
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakující okna v prohlížeči
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Josef\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 2020-09-25] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION
Task: {73CD3859-1408-4B3A-808C-CE7FE3C2BC12} - System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => C:\Users\Josef\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34944 2025-09-17] (Mozilla Corporation -> Mozilla Foundation) <==== ATTENTION
C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakující okna v prohlížeči
Fix result of Farbar Recovery Scan Tool (x64) Version: 27-10-2025
Ran by Josef (28-10-2025 17:29:36) Run:1
Running from C:\Users\Josef\Downloads
Loaded Profiles: Josef
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 2020-09-25] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION
Task: {73CD3859-1408-4B3A-808C-CE7FE3C2BC12} - System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => C:\Users\Josef\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34944 2025-09-17] (Mozilla Corporation -> Mozilla Foundation) <==== ATTENTION
C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HPUsageTrackingLEDM" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73CD3859-1408-4B3A-808C-CE7FE3C2BC12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73CD3859-1408-4B3A-808C-CE7FE3C2BC12}" => removed successfully
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99" => removed successfully
C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2621440 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 452857441 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 364 B
Edge => 0 B
Chrome => 2597788613 B
Firefox => 3075745138 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 453 B
systemprofile32 => 461 B
LocalService => 1823699 B
NetworkService => 1826043 B
Josef => 199899368 B
RecycleBin => 30870 B
EmptyTemp: => 5.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:32:14 ====
Ran by Josef (28-10-2025 17:29:36) Run:1
Running from C:\Users\Josef\Downloads
Loaded Profiles: Josef
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 2020-09-25] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION
Task: {73CD3859-1408-4B3A-808C-CE7FE3C2BC12} - System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => C:\Users\Josef\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34944 2025-09-17] (Mozilla Corporation -> Mozilla Foundation) <==== ATTENTION
C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe] => (Allow) D:\cfg\ieembed.exe => No File
FirewallRules: [UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HPUsageTrackingLEDM" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\D326208B1CBD9B99\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters). <==== ATTENTION" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73CD3859-1408-4B3A-808C-CE7FE3C2BC12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73CD3859-1408-4B3A-808C-CE7FE3C2BC12}" => removed successfully
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent D326208B1CBD9B99" => removed successfully
C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9F0B36BF-4BF6-4A60-8BB1-4CC2E1F588F2}D:\cfg\ieembed.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38FE7738-048C-4BED-98C6-B35E0D22E914}D:\cfg\ieembed.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0AC9FA5F-49A9-4E28-B679-AC199B962510}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6FC6251B-0BC4-4B4C-B6F9-BE9D26674473}C:\windows\kmsemulator.exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 2621440 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 452857441 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 364 B
Edge => 0 B
Chrome => 2597788613 B
Firefox => 3075745138 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 453 B
systemprofile32 => 461 B
LocalService => 1823699 B
NetworkService => 1826043 B
Josef => 199899368 B
RecycleBin => 30870 B
EmptyTemp: => 5.9 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 17:32:14 ====
-
Rudy
- Site Admin
- Příspěvky: 119609
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakující okna v prohlížeči
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakující okna v prohlížeči
Vse vypada v poradku.Diky !
-
Rudy
- Site Admin
- Příspěvky: 119609
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakující okna v prohlížeči
OK. Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?