Please check my log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: Please check my log

Post by jaro3 » 25 Oct 2025 23:30

Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.


We'll continue tomorrow afternoon.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Re: Please check my log

Post by buripe » yesterday, 13:26

Thank you for unlocking the thread, mmmartin. My mistake.

Re: Please check my log

Post by buripe » yesterday, 13:27

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2025
Ran by petrb (administrator) on NOŤAS (LENOVO 20202) (25-10-2025 23:46:53)
Running from C:\Users\petrb\Desktop\FRST64.exe
Loaded Profiles: petrb
Platform: Microsoft Windows 10 Pro Version 22H2 19045.6456 (X64) Language: Čeština (Česko)
Default browser: Brave
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Norton\Suite\nllToolsSvc.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(C:\Program Files\Norton\Suite\NortonSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonUI.exe <4>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\afwServ.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\AvDump.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\nllToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\VpnSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\wsc_proxy.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(svchost.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [NortonUI.exe] => C:\Program Files\Norton\Suite\AvLaunch.exe [847528 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4730744 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45741280 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\Run: [MicrosoftEdgeAutoLaunch_3FDE30BECFD206D53F96F7A16F63A897] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265040 2025-10-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [3338320 2025-10-22] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\141.1.83.120\Installer\chrmstp.exe [2025-10-17] (Brave Software, Inc. -> Brave Software, Inc.)
AppInit_DLLs: C:\Windows\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll => C:\Windows\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\Users\petrb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2025-04-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A4F2019-3E69-488A-9172-1699E22B8C67} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {DAF243B2-5450-49A5-86FE-0434DB45FCB3} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {46CFE610-DA05-48D8-BA8A-BBCC8B91992E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{C336CD3F-B885-43D5-9156-7D3E854587F2} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-01-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {9162BD24-38D5-48CB-9181-AD875BB8561A} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{7EA8BAF6-AEE5-4662-8E5A-99DCF6F6E914} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-01-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {59B13F74-E0A5-4503-9459-76D3635B1F51} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AD22BDC0-8F4E-4588-B643-185B755A577B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "3ecef7d3-c4df-4819-9bad-a5729bc41191" --version "6.38.0.11537" --silent
Task: {5EC64433-DE51-4C7F-B864-9922F2BA0638} - System32\Tasks\CCleanerSkipUAC - petrb => C:\Program Files\CCleaner\CCleaner.exe [39575776 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {67A08F86-86C8-4A84-9DF6-2A0926A7EDA7} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16954704 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {53FF9627-F9F5-4132-A89B-23054D72E1F6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29038464 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {96E444D9-0EBD-495D-81D0-78FD646DF165} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70496 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {67B9762F-0A89-4F25-B6ED-63F1540CC4D5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29038464 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2755BEA8-6767-4EBE-A033-41F3E3A99334} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [318752 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F12CF3D6-EE50-4AF4-87F9-6AA7BBA2F0D8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [318752 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5FB283E-5799-4796-80A7-E060B811BF8E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1365304 2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E96202B6-6F4A-4EA9-8461-41CE2D78C7AB} - System32\Tasks\Norton\Norton 360 Patcher => C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe [9332960 2025-09-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5844A47F-E7E7-4650-9DB1-040F30453400} - System32\Tasks\Norton\Norton VPN Bug Report => C:\Program Files\Norton\Suite\AvBugReport.exe [6172328 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 187 --programpath "C:\Program Files\Norton\Suite" --configpath "C:\ProgramData\Norton\VPN" --path "C:\ProgramData\Norton\VPN\log" --path "C:\ProgramData\Norton\Icarus\Logs" --logpath "C:\ProgramData\Norton\VPN\log" --guid b3874702-d730-4e31-961c-3a9e6f96b596
Task: {70ED0430-3708-43A1-A4A5-91C78FAA0F45} - System32\Tasks\Norton\Overseer => C:\Program Files\Common Files\Norton\Overseer\overseer.exe [2979552 2025-10-17] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {E048461E-B580-4862-97D9-AC6D68274ABC} - System32\Tasks\Norton\Suite Emergency Update => C:\Program Files\Norton\Suite\AvEmUpdate.exe [5575336 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {79A0CF4D-C811-4F94-AF67-459E8E469EC5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4394344 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A025623C-08C7-4C0C-9E3A-60479F094EE4} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2554113077-2074626399-474842529-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4394344 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FBE54AA-F7D3-438F-88D0-0976FA0A485C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2554113077-2074626399-474842529-1001 => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\OneDriveLauncher.exe [725880 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0a968f64-99de-488b-87ba-d6054858b489}: [NameServer] 10.10.0.1
Tcpip\..\Interfaces\{d7f65249-004c-462c-8ff1-b2f5d13a2801}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d7f65249-004c-462c-8ff1-b2f5d13a2801}: [DhcpDomain] docsis.vodafone.cz

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-09-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-09-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKU\S-1-5-21-2554113077-2074626399-474842529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Brave:
=======
BRA Profile: C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-10-25]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Brave First Party Adblock Filters (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-10-25]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-10-25]
BRA Extension: (Brave NTP background images) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-10-25]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-10-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-10-25]
BRA Extension: (Brave Ads Resources) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Brave Default Adblock Filters (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Brave Default Privacy Filters (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\kihnoaefogbkmblfimmibknnmkllbhlf [2025-10-25]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-10-25]
BRA Extension: (Brave User Agent) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\nlpaeekllejnmhoonlpcefpfnpbajbpe [2025-10-25]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2025-10-25]
BRA Extension: (P3A Configuration) - C:\Users\petrb\AppData\Local\BraveSoftware\Brave-Browser\User Data\P3AConfig [2025-10-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-01-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\141.1.83.120\elevation_service.exe [3237456 2025-10-22] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-01-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-07-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13343584 2025-10-17] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncHelper.exe [3604840 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11130144 2025-10-25] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-10-25] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 nllbIDSAgent; C:\Program Files\Norton\Suite\aswidsagent.exe [8046248 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 Norton Antivirus; C:\Program Files\Norton\Suite\NortonSvc.exe [1037992 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 Norton Firewall; C:\Program Files\Norton\Suite\afwServ.exe [2602152 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 Norton Tools; C:\Program Files\Norton\Suite\nllToolsSvc.exe [1091240 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 nortonAvDumper64; C:\Program Files\Norton\Suite\AvDump.exe [3944104 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 NortonVpn; C:\Program Files\Norton\Suite\VpnSvc.exe [14051496 2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
R2 NortonWscReporter; C:\Program Files\Norton\Suite\wsc_proxy.exe [76552 2025-01-18] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.189.0928.0002\OneDriveUpdaterService.exe [3888488 2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16033856 2025-10-03] (ADLICE -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-01-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2025-10-25] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [22120 2025-10-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [245336 2025-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 nllArDisk; C:\Windows\System32\drivers\nllArDisk.sys [21088 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllArPot; C:\Windows\System32\drivers\nllArPot.sys [244832 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllbidsdriver; C:\Windows\System32\drivers\nllbidsdriver.sys [390752 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbidsh; C:\Windows\System32\drivers\nllbidsh.sys [299616 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbuniv; C:\Windows\System32\drivers\nllbuniv.sys [85600 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllElam; C:\Windows\System32\drivers\nllElam.sys [29144 2025-07-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 nllKbd; C:\Windows\System32\drivers\nllKbd.sys [29792 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllMonFlt; C:\Windows\System32\drivers\nllMonFlt.sys [284768 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllNetHub; C:\Windows\System32\drivers\nllNetHub.sys [574048 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllRdr; C:\Windows\System32\drivers\nllRdr2.sys [92232 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllRvrt; C:\Windows\System32\drivers\nllRvrt.sys [71240 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSnx; C:\Windows\System32\drivers\nllSnx.sys [876104 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSP; C:\Windows\System32\drivers\nllSP.sys [1282632 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllStm; C:\Windows\System32\drivers\nllStm.sys [201824 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllVmm; C:\Windows\System32\drivers\nllVmm.sys [391776 2025-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 nllVpnRdr; C:\Windows\System32\drivers\nllVpnRdr.sys [85584 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifelock Inc.)
R3 nllWintun; C:\Windows\System32\drivers\nllWintun.sys [40640 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2025-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2025-01-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2025-01-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-25 23:46 - 2025-10-25 23:47 - 000024048 _____ C:\Users\petrb\Desktop\FRST.txt
2025-10-25 23:46 - 2025-10-25 23:47 - 000000000 ____D C:\FRST
2025-10-25 23:43 - 2025-10-25 23:43 - 002443264 _____ (Farbar) C:\Users\petrb\Desktop\FRST64.exe
2025-10-25 04:50 - 2025-10-25 04:50 - 000000000 ____D C:\Users\petrb\AppData\Local\PeerDistRepub
2025-10-25 04:37 - 2025-10-25 23:47 - 000980712 _____ C:\Windows\ZAM.krnl.trace
2025-10-25 04:37 - 2025-10-25 04:37 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2025-10-25 04:37 - 2025-10-25 04:37 - 000038664 _____ C:\Users\petrb\Desktop\zoek-results.txt
2025-10-25 04:37 - 2025-10-25 04:37 - 000003538 _____ C:\Windows\system32\Tasks\AMHelper
2025-10-25 04:37 - 2025-10-25 04:37 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2025-10-25 04:37 - 2025-10-25 04:37 - 000000000 ____D C:\Users\petrb\AppData\Local\Zemana
2025-10-25 04:37 - 2025-10-25 04:37 - 000000000 ____D C:\Users\petrb\AppData\Local\AMSDK
2025-10-25 04:37 - 2025-10-25 04:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2025-10-25 04:37 - 2025-10-25 04:37 - 000000000 ____D C:\Program Files (x86)\Zemana
2025-10-25 04:35 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2025-10-25 03:53 - 2025-10-25 04:29 - 000000000 ____D C:\zoek_backup
2025-10-25 03:53 - 2025-10-25 03:54 - 000000000 ____D C:\Windows\SysWOW64\DATA
2025-10-25 03:50 - 2025-10-25 03:50 - 013922376 _____ (Zemana Ltd. ) C:\Users\petrb\Desktop\Zemana.AntiMalware.Setup.exe
2025-10-25 03:50 - 2025-10-25 03:50 - 002038755 _____ C:\Users\petrb\Desktop\zoek (1).exe
2025-10-25 03:29 - 2025-10-25 03:29 - 000001650 _____ C:\Users\petrb\Desktop\rk.txt
2025-10-25 03:27 - 2025-10-25 03:29 - 000000000 ____D C:\ProgramData\RogueKiller
2025-10-25 03:27 - 2025-10-25 03:27 - 000000899 _____ C:\Users\Public\Desktop\Adlice Protect.lnk
2025-10-25 03:27 - 2025-10-25 03:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-10-25 03:27 - 2025-10-25 03:27 - 000000000 ____D C:\Program Files\RogueKiller
2025-10-25 03:25 - 2025-10-25 03:25 - 000000877 _____ C:\Users\petrb\Desktop\JRT.txt
2025-10-25 03:19 - 2025-10-25 03:19 - 051767664 _____ (Adlice Software ) C:\Users\petrb\Desktop\RogueKiller_setup.exe
2025-10-25 03:18 - 2025-10-25 03:18 - 001790024 _____ (Malwarebytes) C:\Users\petrb\Desktop\JRT.exe
2025-10-25 02:29 - 2025-10-25 02:29 - 000000000 ____D C:\Users\petrb\AppData\Local\BraveSoftware
2025-10-25 02:28 - 2025-10-25 02:28 - 000001240 _____ C:\Users\petrb\Desktop\Malwarebytes Scan Report 2025-10-25 002706.txt
2025-10-25 02:21 - 2025-10-25 02:21 - 000000000 ____D C:\Users\petrb\AppData\Local\Adobe
2025-10-25 02:20 - 2025-10-25 02:20 - 000000000 ____D C:\Users\petrb\AppData\Local\CEF
2025-10-25 02:16 - 2025-10-25 04:42 - 000000000 ____D C:\Users\petrb\AppData\Local\Malwarebytes
2025-10-25 02:16 - 2025-10-25 02:16 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-10-25 02:16 - 2025-10-25 02:16 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-10-25 02:15 - 2025-10-25 02:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-10-25 02:15 - 2025-10-25 02:15 - 000000000 ____D C:\Program Files\Malwarebytes
2025-10-25 02:13 - 2025-10-25 02:13 - 000001422 _____ C:\Users\petrb\Desktop\AdwCleaner[S00].txt
2025-10-25 02:09 - 2025-10-25 02:09 - 000000000 ____D C:\Users\petrb\AppData\Local\Backup
2025-10-25 02:05 - 2025-10-25 02:05 - 009566696 _____ (Malwarebytes) C:\Users\petrb\Downloads\AdwCleaner.exe
2025-10-25 02:05 - 2025-10-25 02:05 - 002844952 _____ (Malwarebytes) C:\Users\petrb\Downloads\MBSetup.exe
2025-10-25 02:05 - 2025-10-25 02:05 - 000448512 _____ (OldTimer Tools) C:\Users\petrb\Downloads\TFC.exe
2025-10-25 02:04 - 2025-10-25 02:04 - 000050688 _____ (Atribune.org) C:\Users\petrb\Downloads\ATF-Cleaner.exe
2025-10-17 14:00 - 2025-10-17 14:00 - 000388608 _____ (Trend Micro Inc.) C:\Users\petrb\Downloads\HijackThis.exe
2025-10-17 13:56 - 2025-10-17 13:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-10-10 17:40 - 2025-10-10 17:40 - 000000000 ____D C:\Users\petrb\AppData\LocalLow\Temp
2025-10-10 13:38 - 2025-10-10 13:37 - 000322216 _____ (Gen Digital Inc.) C:\Windows\system32\nllBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-25 23:44 - 2025-07-16 21:08 - 000003326 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2025-10-25 23:44 - 2025-07-16 21:08 - 000000670 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2025-10-25 23:43 - 2025-01-17 23:39 - 000003638 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-25 23:43 - 2025-01-17 23:39 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-25 23:42 - 2023-12-04 04:52 - 000000000 ____D C:\Windows\SystemTemp
2025-10-25 23:41 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-25 05:47 - 2025-01-17 23:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-10-25 04:42 - 2025-01-17 23:45 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2025-10-25 04:42 - 2019-12-07 16:43 - 000683606 _____ C:\Windows\system32\perfh005.dat
2025-10-25 04:42 - 2019-12-07 16:43 - 000137386 _____ C:\Windows\system32\perfc005.dat
2025-10-25 04:42 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2025-10-25 04:41 - 2025-01-18 00:00 - 000000000 ___RD C:\Users\petrb\OneDrive
2025-10-25 04:36 - 2025-01-18 15:53 - 000000000 ____D C:\ProgramData\Norton
2025-10-25 04:36 - 2025-01-17 23:56 - 000000000 ____D C:\ProgramData\NVIDIA
2025-10-25 04:36 - 2025-01-17 23:38 - 000008192 ___SH C:\DumpStack.log.tmp
2025-10-25 04:36 - 2025-01-17 23:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-10-25 04:35 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2025-10-25 02:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-10-25 02:06 - 2025-01-18 00:16 - 000000000 ____D C:\Users\petrb\AppData\Local\Comms
2025-10-24 22:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2025-10-24 22:31 - 2025-01-18 00:40 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-10-24 22:31 - 2025-01-17 23:38 - 000439888 _____ C:\Windows\system32\FNTCACHE.DAT
2025-10-24 22:30 - 2025-01-18 15:39 - 000000000 ____D C:\Windows\system32\compatrel
2025-10-24 22:30 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2025-10-24 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2025-10-24 22:28 - 2025-01-30 22:54 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-10-24 22:28 - 2025-01-18 15:11 - 000000000 ____D C:\Windows\system32\MRT
2025-10-24 22:25 - 2025-01-18 15:11 - 214534944 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-10-24 22:25 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2025-10-24 22:19 - 2025-01-17 23:40 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-10-24 22:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-24 22:07 - 2025-02-06 22:34 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2554113077-2074626399-474842529-1001
2025-10-24 22:07 - 2025-01-18 00:29 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-10-24 22:07 - 2025-01-18 00:29 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-24 22:07 - 2025-01-18 00:01 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2554113077-2074626399-474842529-1001
2025-10-17 14:02 - 2025-01-17 23:58 - 000000000 ____D C:\Users\petrb\AppData\Local\VirtualStore
2025-10-17 13:54 - 2025-01-18 00:23 - 000000000 ____D C:\Program Files\Microsoft Office
2025-10-17 13:54 - 2025-01-18 00:06 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-10-17 13:54 - 2025-01-17 23:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-10 23:00 - 2025-01-17 23:55 - 000000000 ____D C:\Users\petrb
2025-10-10 20:03 - 2025-01-18 00:31 - 000000000 ____D C:\Users\petrb\AppData\Roaming\Microsoft\Word
2025-10-10 17:40 - 2025-01-30 22:56 - 000000000 ____D C:\Users\petrb\AppData\LocalLow\Adobe
2025-10-10 13:40 - 2025-01-17 23:58 - 000000000 ____D C:\Users\petrb\AppData\Local\Packages
2025-10-10 13:38 - 2025-01-18 15:55 - 000000000 ____D C:\Windows\system32\Tasks\Norton
2025-10-10 13:37 - 2025-01-18 15:55 - 001282632 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllSP.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000876104 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllSnx.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000574048 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllNetHub.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000391776 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllVmm.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000390752 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbidsdriver.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000299616 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbidsh.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000284768 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllMonFlt.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000244832 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllArPot.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000092232 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllRdr2.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000085600 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbuniv.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000071240 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllRvrt.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000029792 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllKbd.sys
2025-10-10 13:37 - 2025-01-18 15:55 - 000021088 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllArDisk.sys
2025-09-25 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2025-09-25 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Please check my log

Post by buripe » yesterday, 13:27

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2025
Ran by petrb (25-10-2025 23:48:47)
Running from C:\Users\petrb\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.6456 (X64) (2025-01-17 21:41:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2554113077-2074626399-474842529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2554113077-2074626399-474842529-503 - Limited - Disabled)
Guest (S-1-5-21-2554113077-2074626399-474842529-501 - Limited - Disabled)
petrb (S-1-5-21-2554113077-2074626399-474842529-1001 - Administrator - Enabled) => C:\Users\petrb
WDAGUtilityAccount (S-1-5-21-2554113077-2074626399-474842529-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {343E1860-FD6F-AB8D-96E4-A5006AA98D2C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {0C059945-B700-AAD5-BDBB-0C35947ACA57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adlice Protect version 16.4.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 16.4.1.0 - Adlice Software)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20813 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 141.1.83.120 - Autoři prohlížeče Brave)
CCleaner (HKLM\...\CCleaner) (Version: 6.38 - Piriform)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Malwarebytes version 5.4.2.217 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.2.217 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\{9ABA4408-FB9C-3BA1-87D2-C10432A44A67}) (Version: 141.0.3537.99 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.99 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.19231.20194 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.189.0928.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Norton 360 (HKLM\...\Norton 360) (Version: 25.9.10453.1989 - Gen Digital Inc.)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19231.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Roblox Player for petrb (HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\roblox-player) (Version: - Roblox Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)

Packages:
=========
Local Artificial Intelligence Manager -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-10-17] ()
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-10-17] ()
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-10-17] ()

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2554113077-2074626399-474842529-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [001BUOverlayProtected] -> {9C11454A-4B5C-4586-B0BB-E51BB6033668} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [002BUOverlayPending] -> {5A4597A9-CC87-4ED2-A7E5-3BC62CF54901} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [003BUOverlayExcluded] -> {42DE06EE-09E4-4808-A8AA-F63B1D3F6CE5} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-08] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-25] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.189.0928.0002\FileSyncShell64.dll [2025-10-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-10-25] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-10-10] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2025-01-18 00:27 - 2025-01-18 00:27 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2025-01-18 00:27 - 2025-01-18 00:27 - 000000000 ___JL (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nllSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nllSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-10-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2025-10-25 03:57 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Centrino(R) Wireless-N 2230 -> NETwew01.sys
Ethernet: Realtek PCIe FE Family Controller -> rt640x64.sys
Norton VPN: Norton VPN Wintun Adapter -> nllWintun.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2554113077-2074626399-474842529-1001\Control Panel\Desktop\\Wallpaper -> c:\users\petrb\desktop\p\hlavní\1. p\ostatní\22b wallpaper.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3FDE30BECFD206D53F96F7A16F63A897"
HKU\S-1-5-21-2554113077-2074626399-474842529-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AC58C336-E486-4D3D-8AE9-18A5134F1989}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{7467CF0E-DB9C-45A0-92F0-5DF85AEF31CB}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{1481F7AF-00B9-4B43-9E76-08F53562E513}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4AC1B4E-8604-4FBF-8E61-050C50CE3A9A}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

==================== Restore Points =========================

10-10-2025 14:09:07 Naplánovaný kontrolní bod
17-10-2025 13:57:28 Instalační služba modulů systému Windows
24-10-2025 22:04:45 Instalační služba modulů systému Windows
24-10-2025 22:09:16 Instalační služba modulů systému Windows
25-10-2025 03:23:49 JRT Pre-Junkware Removal
25-10-2025 03:56:22 zoek.exe restore point

==================== Faulty Device Manager Devices ============
Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2025 02:08:42 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7880. ID zprávy: [0x2509].

Error: (10/24/2025 10:08:53 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 15192. ID zprávy: [0x2509].

Error: (10/24/2025 10:06:50 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 14460. ID zprávy: [0x2509].

Error: (10/24/2025 10:06:14 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 9080. ID zprávy: [0x2509].

Error: (10/10/2025 11:00:33 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 9676. ID zprávy: [0x2509].

Error: (10/10/2025 07:13:36 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 7260. ID zprávy: [0x2509].

Error: (10/10/2025 05:46:50 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2512. ID zprávy: [0x2509].

Error: (10/10/2025 05:28:57 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 5624. ID zprávy: [0x2509].


System errors:
=============
Error: (10/25/2025 04:41:14 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: FirmwareVersion:71CN42WW(V1.16);OEMManufacturerName:LENOVO;OEMModelSKU:LENOVO_MT_20202;OSArchitecture:amd64;
BucketId: d82e8e47bd1bab1476f4523d26c71cc3b45d091a5ddb0a4204bca88815aad7bf
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (10/25/2025 04:35:45 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba nllbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (10/25/2025 04:28:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/25/2025 04:28:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/25/2025 04:28:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/25/2025 04:28:53 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/25/2025 04:28:52 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/25/2025 03:57:44 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


CodeIntegrity:
===============
Date: 2025-07-16 21:05:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-07-16 21:05:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 71CN42WW(V1.16) 03/14/2013
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-2348M CPU @ 2.30GHz
Percentage of memory in use: 68%
Total physical RAM: 3949.52 MB
Available physical RAM: 1225.53 MB
Total Virtual: 5677.52 MB
Available Virtual: 2818.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.11 GB) (Free:392.07 GB) (Model: CT500MX500SSD1) NTFS

\\?\Volume{15c1c086-1381-4744-8757-ca160131d94c}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{e6174bfd-f7f2-4c81-ad82-ef9f268ad350}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 3BB1537F)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check my log

Post by jaro3 » yesterday, 14:42

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

EmptyTemp:
End

(You can use the "Select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Re: Please check my log

Post by buripe » yesterday, 15:13

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-10-2025
Ran by petrb (26-10-2025 02:48:02) Run:1
Running from C:\Users\petrb\Desktop
Loaded Profiles: petrb
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34996645 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2115148 B
Edge => 0 B
Brave => 17664903 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4646 B
NetworkService => 4646 B
petrb => 3161275 B

RecycleBin => 0 B
EmptyTemp: => 56.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 02:48:31 ====

Re: Please check my log

Post by jaro3 » yesterday, 17:01

Clean.

Download DelFix here
https://www.bleepingcomputer.com/download/delfix/

Save the file to the desktop.
Double-click the icon to launch the Delfix.exe tool
(In Windows Vista, Windows 7, 8 and 10 you must launch the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore
Then click the Run button and let the tool do its work

A report (DelFix.txt) will then open. Paste the entire content of the report here. Otherwise the report is located here:
in C:\DelFix.txt

If there are no problems, that is all and you can mark the thread as solved with the green check mark.

Re: Please check my log

Post by buripe » yesterday, 20:58

# DelFix v1.010 - Logfile created 26/10/2025 at 03:06:25
# Updated 26/04/2015 by Xplode
# Username : petrb - NOŤAS
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\petrb\Desktop\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\petrb\Desktop\Addition.txt
Deleted : C:\Users\petrb\Desktop\AdwCleaner.exe
Deleted : C:\Users\petrb\Desktop\AdwCleaner[S00].txt
Deleted : C:\Users\petrb\Desktop\Fixlog.txt
Deleted : C:\Users\petrb\Desktop\FRST.txt
Deleted : C:\Users\petrb\Desktop\FRST64.exe
Deleted : C:\Users\petrb\Desktop\JRT.exe
Deleted : C:\Users\petrb\Desktop\JRT.txt
Deleted : C:\Users\petrb\Desktop\HijackThis.exe
Deleted : C:\Users\petrb\Desktop\hijackthis.log
Deleted : C:\Users\petrb\Desktop\RogueKiller_setup.exe
Deleted : C:\Users\petrb\Desktop\TFC.exe
Deleted : C:\Users\petrb\Desktop\zoek (1).exe
Deleted : C:\Users\petrb\Desktop\zoek-results.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Cleaning system restore ...

Deleted : RP #30 [Naplánovaný kontrolní bod | 10/10/2025 12:09:07]
Deleted : RP #31 [Instalační služba modulů systému Windows | 10/17/2025 11:57:28]
Deleted : RP #32 [Instalační služba modulů systému Windows | 10/24/2025 20:04:45]
Deleted : RP #33 [Instalační služba modulů systému Windows | 10/24/2025 20:09:16]
Deleted : RP #34 [JRT Pre-Junkware Removal | 10/25/2025 01:23:49]
Deleted : RP #35 [zoek.exe restore point | 10/25/2025 01:56:22]

New restore point created !

########## - EOF - ##########

Re: Please check my log  Solved

Post by buripe » yesterday, 20:58

Thank you for the check.

