Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
jindo
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 22 bře 2021 09:41

kontrola logu

#1 Příspěvek od jindo »

Dobrý den,
prosím o kontrolu logu.
Děkuji.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Eva (administrator) on LAPTOP-QM24ANEN (HP HP Pavilion Laptop 15-cw1xxx) (22-03-2021 09:45:32)
Running from C:\Users\Eva\Downloads
Loaded Profiles: Eva
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0345797.inf_amd64_68e6bafc7561cf91\B345344\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0345797.inf_amd64_68e6bafc7561cf91\B345344\atiesrxx.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Eva\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Eva\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.860_none_e73d0c67262f5c28\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Trend Micro Inc.) [File not signed] C:\Users\Eva\Downloads\hijackthis.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [528392 2020-10-09] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30885360 2020-01-29] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Eva\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-03-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1223D26C-2129-4771-B3BB-151E78712104} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {25166CA1-0BD8-4176-B5E1-AD144B74C76E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5634236A-CAA8-48AF-A8E7-7B487639008B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-21] (Google Inc -> Google LLC)
Task: {62B9BDBC-F58F-432F-946D-EF54ECFD8CA4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-01-29] (Garmin International, Inc. -> )
Task: {6BE920A7-F55A-4EAB-AE8A-5AEE0959BD18} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1084720 2020-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7DD1F116-6B3E-4204-BBFE-B551588CFB42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3E7399F-DC06-447E-AA8B-7C69057E1D7A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C582D1BC-A570-4B10-9D3D-5D987C7BC4CB} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {C8074B2D-9641-4115-B30C-AC946178BA52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CAB97132-E8A8-48CD-B5FC-2D5C425800E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-21] (Google Inc -> Google LLC)
Task: {CE44F562-36C5-4A15-8745-198833538A40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4EFEB2C-3F68-4794-93B1-2455D352D114} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-09] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{489de7a7-8d0d-4c81-a41d-19c8eb588be4}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{be3bd585-a548-4e69-a9f4-1f3c38bdb1f9}: [DhcpNameServer] 8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Eva\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-22]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-174338942-2276456712-52377785-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Eva\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default [2021-03-22]
CHR Notifications: Default -> hxxps://www.eximtours.cz; hxxps://www.freefilm.to
CHR Extension: (Prezentace) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-21]
CHR Extension: (Dokumenty) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-21]
CHR Extension: (Disk Google) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-21]
CHR Extension: (Tabulky) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Eva\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe [693760 2021-01-06] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe [692736 2021-01-06] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe [693760 2021-01-06] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe [479504 2021-01-06] (HP Inc. -> HP Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181072 2019-08-19] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 09:45 - 2021-03-22 09:46 - 000014790 _____ C:\Users\Eva\Downloads\FRST.txt
2021-03-22 09:44 - 2021-03-22 09:45 - 000000000 ____D C:\FRST
2021-03-22 09:44 - 2021-03-22 09:44 - 002300928 _____ (Farbar) C:\Users\Eva\Downloads\FRST64.exe
2021-03-22 09:27 - 2021-03-22 09:27 - 000388608 _____ (Trend Micro Inc.) C:\Users\Eva\Downloads\hijackthis.exe
2021-03-16 18:15 - 2021-03-16 18:40 - 000000000 ____D C:\Users\Eva\Desktop\natka_foto
2021-03-15 08:35 - 2021-03-15 08:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-15 08:35 - 2021-03-15 08:35 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-15 08:35 - 2021-03-15 08:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-15 08:35 - 2021-03-15 08:35 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-15 08:35 - 2021-03-15 08:35 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-15 08:35 - 2021-03-15 08:35 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-15 08:35 - 2021-03-15 08:35 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-15 08:35 - 2021-03-15 08:35 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-15 08:35 - 2021-03-15 08:35 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-15 08:35 - 2021-03-15 08:35 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-15 08:35 - 2021-03-15 08:35 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 18:40 - 2021-03-12 18:40 - 000000000 ___HD C:\OneDriveTemp
2021-03-11 18:35 - 2021-03-11 18:35 - 000000000 ____D C:\Users\Eva\Apple
2021-03-11 18:34 - 2021-03-11 18:34 - 000000000 ____D C:\ProgramData\Apple Computer
2021-03-11 18:34 - 2021-03-11 18:34 - 000000000 ____D C:\ProgramData\Apple

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 09:40 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-22 09:28 - 2020-02-21 07:23 - 000000000 ____D C:\Users\Eva\AppData\Local\VirtualStore
2021-03-22 09:09 - 2020-02-21 07:24 - 000000000 ___RD C:\Users\Eva\OneDrive
2021-03-22 08:45 - 2020-11-26 16:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-21 09:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-21 09:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-21 09:46 - 2020-06-19 15:27 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-21 09:46 - 2020-06-19 15:27 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-19 11:12 - 2021-01-04 16:16 - 000000000 ____D C:\Users\Eva\AppData\Local\PlaceholderTileLogoFolder
2021-03-17 17:45 - 2020-03-20 12:32 - 000000000 ____D C:\Users\Eva\Desktop\ČJ
2021-03-17 17:40 - 2020-03-20 12:31 - 000000000 ____D C:\Users\Eva\Desktop\angličtina
2021-03-17 13:42 - 2020-02-21 07:09 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-17 13:42 - 2020-02-21 07:09 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-17 08:15 - 2020-11-26 16:20 - 001707744 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-17 08:15 - 2019-12-07 15:41 - 000717450 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-17 08:15 - 2019-12-07 15:41 - 000154626 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-17 08:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-17 08:09 - 2020-11-26 16:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-17 08:09 - 2020-11-26 16:13 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-16 19:06 - 2020-11-26 16:13 - 000550896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-16 19:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-16 19:06 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-16 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-16 18:57 - 2020-02-21 07:23 - 000000000 ____D C:\Users\Eva\AppData\Local\D3DSCache
2021-03-16 18:40 - 2020-02-21 07:25 - 000000000 ____D C:\Users\Eva\AppData\Roaming\vlc
2021-03-16 07:46 - 2019-04-15 16:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 08:38 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-15 08:30 - 2020-02-21 07:21 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-15 08:27 - 2020-02-21 06:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-14 19:34 - 2020-11-26 14:51 - 000000000 ____D C:\Users\Eva\Desktop\pracovní věci_Úřad
2021-03-14 19:32 - 2020-02-21 06:38 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-12 18:39 - 2020-02-21 07:23 - 000000000 ____D C:\Users\Eva\AppData\Local\ConnectedDevicesPlatform
2021-03-11 18:35 - 2020-11-26 16:14 - 000000000 ____D C:\Users\Eva
2021-03-11 18:34 - 2020-02-21 09:53 - 000000000 ____D C:\Users\Eva\AppData\Local\Publishers
2021-03-11 18:34 - 2020-02-21 07:23 - 000000000 ____D C:\Users\Eva\AppData\Local\Packages
2021-03-11 18:34 - 2020-01-02 15:02 - 000000000 ____D C:\ProgramData\Packages
2021-03-11 18:33 - 2019-04-15 16:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-06 09:40 - 2020-11-26 16:22 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-174338942-2276456712-52377785-1002
2021-03-06 09:40 - 2020-11-26 16:14 - 000002358 _____ C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-04 13:49 - 2020-10-19 16:22 - 000002357 _____ C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-03-04 13:49 - 2020-10-19 16:22 - 000002349 _____ C:\Users\Eva\Desktop\Microsoft Teams.lnk
2021-02-26 08:07 - 2020-11-26 16:22 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 08:03 - 2021-01-07 08:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c4076af492aa
2021-02-26 08:03 - 2020-11-26 16:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-25 09:34 - 2020-02-21 15:05 - 000000000 ____D C:\Users\Eva\AppData\Local\HP_Inc
2021-02-24 17:12 - 2020-10-02 18:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2020-11-08 17:04 - 2020-11-23 18:17 - 000000550 _____ () C:\Users\Eva\AppData\Roaming\debug.log
2020-11-26 15:06 - 2020-11-26 15:06 - 000003584 _____ () C:\Users\Eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Eva (22-03-2021 09:47:10)
Running from C:\Users\Eva\Downloads
Windows 10 Home Version 2004 19041.867 (X64) (2020-11-26 15:22:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-174338942-2276456712-52377785-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-174338942-2276456712-52377785-503 - Limited - Disabled)
Eva (S-1-5-21-174338942-2276456712-52377785-1002 - Administrator - Enabled) => C:\Users\Eva
Guest (S-1-5-21-174338942-2276456712-52377785-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-174338942-2276456712-52377785-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{6AA82A23-ABAE-4E28-9476-4DF72E67EFE3}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
Elevated Installer (HKLM-x32\...\{880D2C38-2835-4328-A11C-32DB9EAE6EA1}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{052d79d0-16af-4138-9d84-9f1605c2a26b}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{7C71E35F-9E7D-4B53-909D-6505C3B6689C}) (Version: 6.20.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.16.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Zoom (HKU\S-1-5-21-174338942-2276456712-52377785-1002\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-27] (Amazon.com)
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10004.0_x64__0a9344xs7nr4m [2021-02-17] (Advanced Micro Devices Inc.)
B&O Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BOAudioControl_1.11.218.0_x64__v10z8vjag6ke6 [2020-12-08] (HP Inc.)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2021-02-10] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-02-27] (Dropbox Inc.)
ELAN Touchpad Setting -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadSetting_11.2.63.0_x64__stws0m115j6hg [2021-03-16] (ELAN Microelectronics Corporation)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2020-01-02] (HP Inc.)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.7.195.0_x64__dt26b99r8h8gj [2020-01-02] (Realtek Semiconductor Corp)
HP CoolSense -> C:\Program Files\WindowsApps\AD2F1837.HPCoolSense_1.0.6.0_x64__v10z8vjag6ke6 [2020-01-02] (HP Inc.)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6 [2020-12-15] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-02-02] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.39.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-03-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.238.0_x64__v10z8vjag6ke6 [2021-02-24] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2021-03-11] (Apple Inc.) [Startup Task]
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-03-01] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-07] (Microsoft Studios) [MS Ad]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.1.3.0_x64__kx24dqmazqk8j [2021-03-16] (Random Salad Games LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-174338942-2276456712-52377785-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Eva\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-174338942-2276456712-52377785-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Eva\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-09 07:13 - 2019-09-09 07:13 - 001364992 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-01-29 14:31 - 2020-01-29 14:31 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2021-01-21 08:25 - 2021-01-21 08:25 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\a354c38f659363054b8dbd29ab5fc353\Interop.IWshRuntimeLibrary.ni.dll
2020-01-29 14:31 - 2020-01-29 14:31 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2020-01-29 14:33 - 2020-01-29 14:33 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2020-01-29 14:31 - 2020-01-29 14:31 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-01-29 14:31 - 2020-01-29 14:31 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2021-02-15 15:49 - 2021-02-15 15:49 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\dad9dd560e38c29da6dfe6688f817cae\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-06-19 16:07 - 2020-06-19 16:07 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-02-16 09:02 - 2021-02-16 09:02 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\12976f63c260c230152542f8f43d1f6f\NAudio.ni.dll
2021-02-16 09:02 - 2021-02-16 09:02 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\c8129da97f8be4a90c3d4e569de73f88\Newtonsoft.Json.ni.dll
2020-01-29 14:32 - 2020-01-29 14:32 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2021-02-16 09:01 - 2021-02-16 09:01 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\d6754e112bc586d282a446a3d72d6335\log4net.ni.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=HCTE
HKU\S-1-5-21-174338942-2276456712-52377785-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=HCTE
SearchScopes: HKLM -> {54FA7821-61BF-40A5-8370-8B6B8CF2D7BB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {54FA7821-61BF-40A5-8370-8B6B8CF2D7BB} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-02-21] (HP Inc. -> HP Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-02-21] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-174338942-2276456712-52377785-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4A6854ED-9534-4192-AE29-454587352704}C:\users\eva\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\eva\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{54B5A7BD-4D16-49E9-9BFC-C4489C5CC63E}C:\users\eva\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\eva\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C9877E78-C414-4DE4-94E9-064C8AB38CCF}C:\users\eva\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\eva\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3E9EA8CF-6009-46FC-B5F7-2293C90C126F}C:\users\eva\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\eva\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AFA4320E-F980-4097-93CB-83B0CD32240B}] => (Allow) C:\Users\Eva\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{72758BCD-FAC2-4BDF-AF25-59A22F8FB048}] => (Allow) C:\Users\Eva\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DA2C9C6A-EB23-4143-A4D4-96B8E9A5378D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5385AE29-4500-4E2D-96E6-1661F2E4FD7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B88DE59-807C-43FD-8387-8622E58847E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{35579EB9-BF8B-4CB7-8592-F4C6D49EB740}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F6EBDD8-D2EF-4148-A966-027CA2FDAE76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8635673-CC0D-46B8-A520-35EBC45083CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{996995EC-7173-4B5F-9405-BAE99467B433}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{55A4015D-9346-4720-82E8-715498BA5DD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.126.501.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF8201A8-E498-486A-983B-CF9BBBFC0044}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80F19253-D3AC-4C9C-B2A9-5EED6688E906}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6C018221-505F-4498-9E29-58480950A8CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{84F08AF7-06ED-42B2-965C-4B7C2CEF3495}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B82495C2-357D-48B6-ABA3-617B439C83BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E31A1266-5EFE-46F0-B280-4C2FFBA74660}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{71B71F00-4861-41A7-84CE-CEEFCB221B7C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{48E0F548-1EAC-4E55-B80C-107463E5AFAC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3C787066-936F-47F1-9B0E-31EC2CA382C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47AD5E05-B9C3-46E9-86F9-5A21B306209A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FCE3D988-BC52-41B6-A603-5116B5EE87EA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{866FCA5F-0417-44D2-BCB8-7B72B4A1F7BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F888C17-0672-4DF4-BC9E-6007D49B2A2E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-03-2021 09:18:58 Naplánovaný kontrolní bod
15-03-2021 08:27:13 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/16/2021 07:06:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/16/2021 07:06:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/16/2021 07:06:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/16/2021 07:06:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/11/2021 06:33:52 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-QM24ANEN)
Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe-2147024893

Error: (03/11/2021 06:33:52 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-QM24ANEN)
Description: Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe-2147024893

Error: (03/11/2021 06:33:52 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-QM24ANEN)
Description: Microsoft.UI.Xaml.2.5_8wekyb3d8bbwe-2147024893

Error: (03/11/2021 06:33:52 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: LAPTOP-QM24ANEN)
Description: Microsoft.UI.Xaml.2.4_8wekyb3d8bbwe-2147024893


System errors:
=============
Error: (03/19/2021 08:02:51 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/19/2021 08:00:18 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:36:05 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:33:18 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:31:28 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:29:05 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:27:15 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (03/18/2021 11:23:27 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.


Windows Defender:
================
Date: 2021-03-22 08:09:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F355598A-5EB2-44A7-B610-C13758EEAE9D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-22 07:45:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {47DEAE42-BB4E-416B-ADA2-5C378E015842}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-18 08:34:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6C9C6730-8D49-48C1-B264-14E67782E61C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-16 11:00:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {15BFF735-33D9-451E-96D1-6F5CA1C5A48A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-04 13:39:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08698209-3B84-4835-9CED-0A5EC3CF238B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-11 18:18:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.2604.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: AMI F.42 11/15/2019
Motherboard: HP 8615
Processor: AMD Ryzen 5 3500U with Radeon Vega Mobile Gfx
Percentage of memory in use: 40%
Total physical RAM: 14249.66 MB
Available physical RAM: 8538 MB
Total Virtual: 16425.66 MB
Available Virtual: 9544.61 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.16 GB) (Free:362.83 GB) NTFS

\\?\Volume{1cec3ff9-ee60-48e9-a4db-4a6795441cd2}\ () (Fixed) (Total:0.5 GB) (Free:0.05 GB) NTFS
\\?\Volume{c65a7696-9a9a-4615-94be-556234069da9}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: FFBB5D6D)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

jindo
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 22 bře 2021 09:41

Re: kontrola logu

#3 Příspěvek od jindo »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-22-2021
# Duration: 00:00:07
# OS: Windows 10 Home
# Scanned: 4755
# Detected: 17


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1223D26C-2129-4771-B3BB-151E78712104}
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Eva\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: kontrola logu

#4 Příspěvek od Rudy »

Preinstaled mazat nemusíte, jsou to instalované neškodné utility od HP. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {5634236A-CAA8-48AF-A8E7-7B487639008B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-21] (Google Inc -> Google LLC)
Task: {CAB97132-E8A8-48CD-B5FC-2D5C425800E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-02-21] (Google Inc -> Google LLC)
C:\DumpStack.log.tmp
C:\Users\Eva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [{AFA4320E-F980-4097-93CB-83B0CD32240B}] => (Allow) C:\Users\Eva\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
Uložte do C:\Users\Eva\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět