Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

PUADlManager:Win32/Seznam

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
vlastas
3. Stupeň Varování
Příspěvky: 66
Registrován: 22 pro 2010 13:16

PUADlManager:Win32/Seznam

#1 Příspěvek od vlastas »

Dobrý den Defender mi píše: Nalezené hrozby "PUADlManager:Win32/Seznam". Prosím o kontrolu logu. Děkuji.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by vlast (25-11-2022 19:01:37)
Running from C:\Users\vlast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2311 (X64) (2021-07-05 06:31:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4132436051-199185681-1240583427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4132436051-199185681-1240583427-503 - Limited - Disabled)
Guest (S-1-5-21-4132436051-199185681-1240583427-501 - Limited - Disabled) => C:\Users\Guest
vlast (S-1-5-21-4132436051-199185681-1240583427-1001 - Administrator - Enabled) => C:\Users\vlast
WDAGUtilityAccount (S-1-5-21-4132436051-199185681-1240583427-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.1.1.1837 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
EncSpot Pro 2.1 beta 1 (HKLM-x32\...\EncSpot Professional_is1) (Version: - GuerillaSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.108 - Google LLC)
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
TotalCMD by Marek410 (HKLM-x32\...\TotalCMD by Marek410) (Version: - )
VEGAS Pro 17.0 (HKLM\...\{E649B5F0-B27C-11E9-B856-A5146957F833}) (Version: 17.0.284 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zoner Photo Studio X CS (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\ZPS X) (Version: 19.2209.2.409 - ZONER a.s.)
ZPS 19 CZ (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-11] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.83.53132.0_x64__8wekyb3d8bbwe [2022-11-18] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.11010.438.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Corporation)
Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_10.3.1.0_x64__crhqpqs3x1ygc [2022-11-18] (PicsArt Inc.)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-11-21] (Bytedance Pte. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vlast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\54e4c98ff3d2e220\Bitwarden – Bezplatný správce hesel.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nngceckbapebfimnlniiiahkandclblb
ShortcutWithArgument: C:\Users\vlast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2021-07-05 09:03 - 2021-07-05 09:03 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2021-07-05 09:03 - 2021-07-05 09:03 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2021-09-09 20:19 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-09-09 20:19 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2022-05-05 16:44 - 2022-05-05 16:44 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-08-14 08:56 - 000000857 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132436051-199185681-1240583427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vlast\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-21-4132436051-199185681-1240583427-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F993743CA8AD919610DC032EB5C17547"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AAF00C42-05DF-4E93-8F5B-D88BC09AC0F0}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{13E3E7C3-5A53-4205-80EB-6572D8BE3A33}] => (Allow) LPort=5357
FirewallRules: [{6C862557-ACE6-4245-8886-E23A04A90789}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F39A30DB-9133-4D50-8140-07300CCEEC46}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51BB713F-40A7-4C90-84FE-8B1644CFA4FF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C8A7308C-A92F-4495-A709-87883757C288}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{FE9000FC-C50B-4953-8F68-F35411A8FF36}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4D62946D-2931-4FD6-B616-86C17C5C75B1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{B195AEFB-9868-4DEE-9DD3-F9592FB37DD0}] => (Allow) C:\Users\vlast\AppData\Local\Temp\7zS62EB\HP.EasyStart.exe => No File
FirewallRules: [TCP Query User{C7DC3151-3BE8-4EE9-80BA-EB4D2BACA34C}C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{4FB08075-5759-47D0-9381-386064107736}C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A1A73A92-2EA7-4CF0-A695-B9918312E9E4}] => (Block) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{3877FC35-0F3D-4245-A24C-944E0C4109A9}] => (Block) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{936F4FD6-CF56-4200-9804-8660B3762FC4}C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{436BBB6F-2A4E-4DA0-AAC9-373D7EA460BF}C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{FC0DC141-E686-4EB8-AFD0-B988A1A6415E}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{42A281F3-E661-4D77-9AAF-DA78E683C843}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{D2C236B5-52E5-40E1-80F5-017CA5EC004F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{45A2A6C8-DB5A-429D-BEDF-BB71F98BBACE}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{17A0ED35-D6BF-4645-83E8-699D35AB0F92}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BC880B1-4F5F-49D0-9809-7B3BE8AC7A3C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E5B12A6-80D1-4B0A-AFFB-20F2FAD2ACCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C417A53C-C351-4D3D-B1F2-11C66CCD1EC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D791F00E-33B9-4450-878A-0B7D448058A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21133BEE-6304-4EEF-9403-9CE183D06A6E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

18-11-2022 13:57:30 Instalační služba modulů systému Windows
24-11-2022 15:27:25 Removed Kontrola stavu osobního počítače s Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/25/2022 03:24:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MOJEPC)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/24/2022 12:25:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/24/2022 12:25:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{2bf59d76-0000-0000-0000-100000000000}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/23/2022 02:39:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{2bf59d76-0000-0000-0000-100000000000}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/21/2022 12:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Zps.exe, verze: 19.2004.2.262, časové razítko: 0x5f3bc9ca
Název chybujícího modulu: mfc140u.dll, verze: 14.25.28508.3, časové razítko: 0x5e155774
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000002935e4
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d8fd904d788f44
Cesta k chybující aplikaci: C:\Program Files\ZPS 19 CZ\Program64\Zps.exe
Cesta k chybujícímu modulu: C:\Program Files\ZPS 19 CZ\Program64\mfc140u.dll
ID zprávy: 21962bc3-8297-417a-beea-fc08fd9008c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/21/2022 12:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Zps.exe, verze: 19.2004.2.262, časové razítko: 0x5f3bc9ca
Název chybujícího modulu: mfc140u.dll, verze: 14.25.28508.3, časové razítko: 0x5e155774
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000002935e4
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d8fd904d788f44
Cesta k chybující aplikaci: C:\Program Files\ZPS 19 CZ\Program64\Zps.exe
Cesta k chybujícímu modulu: C:\Program Files\ZPS 19 CZ\Program64\mfc140u.dll
ID zprávy: 103f4e10-0312-4a7a-93d4-d49857bcc1da
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/18/2022 02:42:39 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MOJEPC)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/16/2022 01:27:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (11/25/2022 03:17:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/25/2022 01:26:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (11/24/2022 12:36:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/22/2022 12:47:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (11/21/2022 09:54:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2022 02:34:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/11/2022 03:21:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/11/2022 03:21:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 2krát.


Windows Defender:
================
Date: 2022-11-24 14:39:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC02EAB9-138D-466E-B23A-EACCB846F254}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-23 14:39:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {672E9F40-A112-44E4-BE46-39D81AF8E01C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-21 13:21:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4E795A8-2F2C-4085-BC0A-17A8FDE37078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-21 11:59:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08215218-6C35-4EED-920C-AEE05A5D0102}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-18 10:35:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE71CF18-3453-4BEB-9AA7-CA18A908796C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-11-21 11:56:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-06 09:54:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-03 19:14:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-22 11:58:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-11 11:45:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-09 07:57:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. FD 02/21/2012
Motherboard: Gigabyte Technology Co., Ltd. P67A-D3-B3
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 8175.11 MB
Available physical RAM: 4489.53 MB
Total Virtual: 9455.11 MB
Available Virtual: 5248.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:145.44 GB) (Free:95.95 GB) (Model: ST1000DM003-9YN162 ATA Device) NTFS
Drive d: (Data) (Fixed) (Total:785.03 GB) (Free:588.9 GB) (Model: ST1000DM003-9YN162 ATA Device) NTFS

\\?\Volume{2bf59d76-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-a07e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF59D76)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=518 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by vlast (administrator) on MOJEPC (Gigabyte Technology Co., Ltd. P67A-D3-B3) (25-11-2022 18:58:52)
Running from C:\Users\vlast\Desktop
Loaded Profiles: vlast
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2311 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.53.43112.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.22031.10091.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\Run: [MicrosoftEdgeAutoLaunch_F993743CA8AD919610DC032EB5C17547] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4132436051-199185681-1240583427-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP C711 Status Monitor: C:\Windows\system32\hpinkstsC711LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3540 series): C:\Windows\system32\HPDiscoPMC711.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.108\Installer\chrmstp.exe [2022-11-24] (Google LLC -> Google LLC)
Startup: C:\Users\vlast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3540 series.lnk [2021-08-17]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 3540 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN57V3311605X5;CONNECTION=USB;MONITOR=1;
Startup: C:\Users\vlast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk [2022-11-25]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 3540 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3540 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN57V3311605X5;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B112892-D5DA-41F7-B9D8-8CA91E58AAA1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {1E1E6BBF-2522-4F5E-A0E0-6C102AE3104A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {37D9DEDC-DF4D-4D3F-9589-BA0EB1C0E570} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {4451607F-4614-4FE7-A9F5-DDB055EB709E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {528001AE-6270-495E-9642-2059DAF7C502} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {7C40AC33-65B8-4695-99EB-AD7BD10CB2A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {89CEAD06-F6A1-4DCE-AFF9-09A12DE91E92} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93D2D01C-7C07-4C09-97B1-07A6503B9324} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {941FB3F9-8CC2-4F96-A09A-C54F7FF427EF} - System32\Tasks\Zoner.Updater.S-1-5-21-4132436051-199185681-1240583427-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1609008 2022-11-22] (ZONER software, a.s. -> ZONER a.s.)
Task: {9C8099D7-473E-4CE6-ACD1-6D0E475D1C4C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1D57D89-D5CE-421D-A5ED-0F947D65A5FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {AFC6E67F-29C3-488C-BE7E-DB19872DE057} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E124F345-BF68-41D1-A6BB-E2BFB257D743} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F333160E-E16A-46E0-88A4-0E4FC7AECAC2} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3231104 2022-05-02] (Intel Corporation -> Intel Corporation)
Task: {F415667D-8EE3-400B-9D33-D892F32F6EB2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5FF8D59-6425-4C73-8C26-FFAA4EBF188F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{955e1025-6fd1-4f01-9a2a-971fe32b1de0}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vlast\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-25]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR DefaultProfile: Profile 4
CHR Profile: C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-02]
CHR Profile: C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-11-25]
CHR Notifications: Profile 4 -> hxxps://calendar.google.com; hxxps://www.pcworld.cz
CHR StartupUrls: Profile 4 -> "hxxp://www.google.com/"
CHR Extension: (Překladač Google) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-09-29]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-11-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-22]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-09-11]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\vlast\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-10-20]
CHR Profile: C:\Users\vlast\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-27]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-16] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-25 18:58 - 2022-11-25 19:00 - 000014516 _____ C:\Users\vlast\Desktop\FRST.txt
2022-11-25 18:57 - 2022-11-25 18:59 - 000000000 ____D C:\FRST
2022-11-25 18:55 - 2022-11-25 18:55 - 002375680 _____ (Farbar) C:\Users\vlast\Desktop\FRST64.exe
2022-11-25 15:27 - 2022-11-25 15:27 - 000000000 ____D C:\AdwCleaner
2022-11-25 15:26 - 2022-11-25 15:26 - 008791352 _____ (Malwarebytes) C:\Users\vlast\Desktop\adwcleaner.exe
2022-11-25 15:17 - 2022-11-25 15:17 - 000001425 _____ C:\Windows\system32\default_error_stack-000030-000000.txt
2022-11-24 14:23 - 2022-11-24 14:23 - 000002378 _____ C:\Users\vlast\Downloads\IMG_20190808_145344.jpg.data-zps
2022-11-23 13:27 - 2022-11-24 21:39 - 000000000 ____D C:\Users\vlast\Downloads\Nová složka
2022-11-22 14:23 - 2022-11-22 14:23 - 000003778 _____ C:\Windows\system32\Tasks\Zoner.Updater.S-1-5-21-4132436051-199185681-1240583427-1001
2022-11-22 14:23 - 2022-11-22 14:23 - 000001595 _____ C:\Users\vlast\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2022-11-22 14:23 - 2022-11-22 14:23 - 000001593 _____ C:\Users\vlast\Desktop\Zoner Photo Studio X.lnk
2022-11-18 14:34 - 2022-11-18 14:34 - 000001425 _____ C:\Windows\system32\default_error_stack-000029-000000.txt
2022-11-18 14:23 - 2022-11-18 14:23 - 000012261 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-18 14:22 - 2022-11-18 14:22 - 000297472 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-18 13:58 - 2022-11-18 13:58 - 000000000 ___HD C:\$WinREAgent
2022-11-17 15:45 - 2022-11-18 14:03 - 000000000 ____D C:\Users\vlast\Desktop\šedý
2022-11-13 11:30 - 2022-11-13 11:30 - 000001208 _____ C:\Users\vlast\Desktop\6-DOPISŮ-interpunkčním-znaménkům.pdf – zástupce.lnk
2022-11-13 11:30 - 2022-11-13 11:30 - 000001066 _____ C:\Users\vlast\Desktop\Poznámky.docx – zástupce.lnk
2022-11-11 15:21 - 2022-11-11 15:21 - 000001425 _____ C:\Windows\system32\default_error_stack-000028-000000.txt
2022-11-07 12:41 - 2022-11-07 12:41 - 000000000 ____D C:\Users\vlast\Desktop\mapy
2022-11-02 21:20 - 2022-11-02 21:20 - 000001425 _____ C:\Windows\system32\default_error_stack-000027-000000.txt
2022-11-02 20:36 - 2022-11-02 20:36 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-02 20:36 - 2022-11-02 20:36 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-10-29 19:44 - 2022-10-29 19:44 - 000001434 _____ C:\Windows\system32\default_error_stack-000026-000000.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-25 19:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-25 18:46 - 2021-07-05 08:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-25 18:46 - 2021-07-05 07:54 - 000000000 ___RD C:\Users\vlast\OneDrive
2022-11-25 15:35 - 2021-07-05 07:37 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-25 15:24 - 2021-07-05 07:36 - 001605666 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-25 15:24 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2022-11-25 15:24 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2022-11-25 15:24 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-25 15:19 - 2021-07-05 07:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-25 15:19 - 2021-07-05 07:23 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-25 15:18 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2022-11-25 13:43 - 2021-07-05 08:25 - 000000000 ____D C:\Users\vlast\AppData\Local\D3DSCache
2022-11-25 12:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-24 19:23 - 2021-07-05 08:16 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-24 19:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-24 15:28 - 2021-07-05 07:52 - 000000000 ____D C:\Users\vlast\AppData\Local\Packages
2022-11-24 12:36 - 2021-07-05 07:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-23 13:26 - 2021-07-05 07:25 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-22 14:22 - 2021-07-05 11:16 - 000000000 ____D C:\ProgramData\Zoner
2022-11-21 22:00 - 2021-07-05 07:37 - 000000000 ____D C:\Users\vlast
2022-11-21 14:41 - 2022-08-14 08:59 - 000000000 ____D C:\Users\vlast\AppData\Roaming\Zoner
2022-11-21 14:41 - 2022-08-14 08:59 - 000000000 ____D C:\Users\vlast\AppData\Local\Zoner
2022-11-21 12:54 - 2021-07-05 17:50 - 000000000 ____D C:\Users\vlast\AppData\Local\CrashDumps
2022-11-21 11:56 - 2021-07-05 07:54 - 000000000 ____D C:\Users\vlast\AppData\Local\PlaceholderTileLogoFolder
2022-11-21 11:33 - 2022-09-11 13:37 - 000000000 ____D C:\Users\vlast\Desktop\foto 22 menší rozlišení
2022-11-18 20:45 - 2022-09-10 20:41 - 000000000 ____D C:\Users\vlast\AppData\Roaming\com.adobe.dunamis
2022-11-18 14:55 - 2022-10-14 09:52 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 14:55 - 2021-07-05 21:09 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-11-18 14:36 - 2021-07-05 07:23 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-18 14:33 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-11-18 14:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-18 14:30 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-18 14:22 - 2021-07-05 07:26 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-17 20:51 - 2021-08-10 19:16 - 000000000 ____D C:\Users\vlast\AppData\Roaming\vlc
2022-11-17 20:43 - 2021-12-12 19:07 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4132436051-199185681-1240583427-1001
2022-11-17 20:43 - 2021-07-05 07:54 - 000003360 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4132436051-199185681-1240583427-1001
2022-11-17 20:43 - 2021-07-05 07:37 - 000002413 _____ C:\Users\vlast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-16 11:51 - 2021-07-05 09:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-11 13:06 - 2021-07-05 07:24 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-11-11 11:17 - 2021-07-05 11:49 - 000000000 ____D C:\Windows\system32\MRT
2022-11-11 11:12 - 2021-07-05 11:49 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-11-09 13:39 - 2021-07-07 11:04 - 000000000 ____D C:\Users\vlast\OneDrive\Dokumenty\Vlastní šablony Office
2022-11-07 20:36 - 2021-07-05 07:24 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-07 20:36 - 2021-07-05 07:24 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 09:55 - 2021-09-08 10:13 - 000000000 ____D C:\Users\vlast\AppData\Local\ElevatedDiagnostics
2022-11-06 08:55 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-11-06 08:55 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\winrm
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\WCN
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\winrm
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\WCN
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\slmgr
2022-11-06 08:55 - 2019-12-07 15:43 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-06 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-11-06 08:55 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2022-11-06 08:46 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\OCR
2022-11-02 21:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-02 19:41 - 2022-01-04 13:15 - 000000438 _____ C:\Users\vlast\Desktop\Sledování TV.url
2022-11-01 13:40 - 2022-02-07 21:05 - 000000000 ____D C:\Users\vlast\Desktop\PříNaBydlení
2022-10-31 10:30 - 2022-04-13 20:07 - 000000000 ____D C:\Users\vlast\Desktop\NN International
2022-10-30 11:38 - 2021-07-05 11:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-30 10:35 - 2021-11-28 15:08 - 000000000 ____D C:\Users\vlast\AppData\Roaming\audacity
2022-10-29 20:43 - 2022-10-21 19:41 - 000001124 _____ C:\Users\vlast\Desktop\mp3DirectCut.lnk
2022-10-27 21:57 - 2022-10-04 10:14 - 000000000 ____D C:\Users\vlast\AppData\Roaming\Mp3tag
2022-10-27 08:09 - 2022-10-21 12:40 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PUADlManager:Win32/Seznam

#2 Příspěvek od Rudy »

Zdravím!
Dal jste pouze log FRST. Patří k němu i log Addition. Nejprve spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

vlastas
3. Stupeň Varování
Příspěvky: 66
Registrován: 22 pro 2010 13:16

Re: PUADlManager:Win32/Seznam

#3 Příspěvek od vlastas »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by vlast (25-11-2022 19:01:37)
Running from C:\Users\vlast\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2311 (X64) (2021-07-05 06:31:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4132436051-199185681-1240583427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4132436051-199185681-1240583427-503 - Limited - Disabled)
Guest (S-1-5-21-4132436051-199185681-1240583427-501 - Limited - Disabled) => C:\Users\Guest
vlast (S-1-5-21-4132436051-199185681-1240583427-1001 - Administrator - Enabled) => C:\Users\vlast
WDAGUtilityAccount (S-1-5-21-4132436051-199185681-1240583427-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.1.1.1837 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
EncSpot Pro 2.1 beta 1 (HKLM-x32\...\EncSpot Professional_is1) (Version: - GuerillaSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.108 - Google LLC)
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
Intel(R) Computing Improvement Program (HKLM\...\{D17293BC-1678-4281-B94E-DBCF66AE7611}) (Version: 2.4.08919 - Intel Corporation)
Intel(R) SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden
MediaInfo 21.09 (HKLM\...\MediaInfo) (Version: 21.09 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
TotalCMD by Marek410 (HKLM-x32\...\TotalCMD by Marek410) (Version: - )
VEGAS Pro 17.0 (HKLM\...\{E649B5F0-B27C-11E9-B856-A5146957F833}) (Version: 17.0.284 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Zoner Photo Studio X CS (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\ZPS X) (Version: 19.2209.2.409 - ZONER a.s.)
ZPS 19 CZ (HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-11] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.83.53132.0_x64__8wekyb3d8bbwe [2022-11-18] (Microsoft Corporation) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.11010.438.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Corporation)
Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_10.3.1.0_x64__crhqpqs3x1ygc [2022-11-18] (PicsArt Inc.)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2022-11-21] (Bytedance Pte. Ltd.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vlast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\54e4c98ff3d2e220\Bitwarden – Bezplatný správce hesel.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nngceckbapebfimnlniiiahkandclblb
ShortcutWithArgument: C:\Users\vlast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2021-07-05 09:03 - 2021-07-05 09:03 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2021-07-05 09:03 - 2021-07-05 09:03 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2021-09-09 20:19 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2021-09-09 20:19 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2022-05-05 16:44 - 2022-05-05 16:44 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-08-14 08:56 - 000000857 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4132436051-199185681-1240583427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vlast\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
HKU\S-1-5-21-4132436051-199185681-1240583427-501\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4132436051-199185681-1240583427-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F993743CA8AD919610DC032EB5C17547"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AAF00C42-05DF-4E93-8F5B-D88BC09AC0F0}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{13E3E7C3-5A53-4205-80EB-6572D8BE3A33}] => (Allow) LPort=5357
FirewallRules: [{6C862557-ACE6-4245-8886-E23A04A90789}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F39A30DB-9133-4D50-8140-07300CCEEC46}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51BB713F-40A7-4C90-84FE-8B1644CFA4FF}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{C8A7308C-A92F-4495-A709-87883757C288}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{FE9000FC-C50B-4953-8F68-F35411A8FF36}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{4D62946D-2931-4FD6-B616-86C17C5C75B1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{B195AEFB-9868-4DEE-9DD3-F9592FB37DD0}] => (Allow) C:\Users\vlast\AppData\Local\Temp\7zS62EB\HP.EasyStart.exe => No File
FirewallRules: [TCP Query User{C7DC3151-3BE8-4EE9-80BA-EB4D2BACA34C}C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{4FB08075-5759-47D0-9381-386064107736}C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{A1A73A92-2EA7-4CF0-A695-B9918312E9E4}] => (Block) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{3877FC35-0F3D-4245-A24C-944E0C4109A9}] => (Block) C:\users\vlast\appdata\local\temp\7zs7367\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{936F4FD6-CF56-4200-9804-8660B3762FC4}C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [UDP Query User{436BBB6F-2A4E-4DA0-AAC9-373D7EA460BF}C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe] => (Allow) C:\users\vlast\appdata\local\temp\7zs7cf6\enterprisedu.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{FC0DC141-E686-4EB8-AFD0-B988A1A6415E}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{42A281F3-E661-4D77-9AAF-DA78E683C843}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{D2C236B5-52E5-40E1-80F5-017CA5EC004F}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{45A2A6C8-DB5A-429D-BEDF-BB71F98BBACE}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{17A0ED35-D6BF-4645-83E8-699D35AB0F92}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3BC880B1-4F5F-49D0-9809-7B3BE8AC7A3C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E5B12A6-80D1-4B0A-AFFB-20F2FAD2ACCA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C417A53C-C351-4D3D-B1F2-11C66CCD1EC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D791F00E-33B9-4450-878A-0B7D448058A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21133BEE-6304-4EEF-9403-9CE183D06A6E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

18-11-2022 13:57:30 Instalační služba modulů systému Windows
24-11-2022 15:27:25 Removed Kontrola stavu osobního počítače s Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/25/2022 03:24:23 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MOJEPC)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/24/2022 12:25:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/24/2022 12:25:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{2bf59d76-0000-0000-0000-100000000000}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/23/2022 02:39:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{2bf59d76-0000-0000-0000-100000000000}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/21/2022 12:54:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Zps.exe, verze: 19.2004.2.262, časové razítko: 0x5f3bc9ca
Název chybujícího modulu: mfc140u.dll, verze: 14.25.28508.3, časové razítko: 0x5e155774
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000002935e4
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d8fd904d788f44
Cesta k chybující aplikaci: C:\Program Files\ZPS 19 CZ\Program64\Zps.exe
Cesta k chybujícímu modulu: C:\Program Files\ZPS 19 CZ\Program64\mfc140u.dll
ID zprávy: 21962bc3-8297-417a-beea-fc08fd9008c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/21/2022 12:54:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Zps.exe, verze: 19.2004.2.262, časové razítko: 0x5f3bc9ca
Název chybujícího modulu: mfc140u.dll, verze: 14.25.28508.3, časové razítko: 0x5e155774
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000002935e4
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d8fd904d788f44
Cesta k chybující aplikaci: C:\Program Files\ZPS 19 CZ\Program64\Zps.exe
Cesta k chybujícímu modulu: C:\Program Files\ZPS 19 CZ\Program64\mfc140u.dll
ID zprávy: 103f4e10-0312-4a7a-93d4-d49857bcc1da
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/18/2022 02:42:39 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MOJEPC)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/16/2022 01:27:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (11/25/2022 03:17:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/25/2022 01:26:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (11/24/2022 12:36:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/22/2022 12:47:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (11/21/2022 09:54:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/18/2022 02:34:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/11/2022 03:21:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
{Nahrazení identifikátoru GUID}
Během převodu globálního identifikátoru (GUID) na ID zabezpečení Windows (SID) nebyla nalezena žádná správcem definovaná předpona GUID.
Byla použita náhradní předpona, která nepoškodí zabezpečení systému. Může tím ale dojít k většímu omezení přístupu, než bylo zamýšleno.

Error: (11/11/2022 03:21:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 2krát.


Windows Defender:
================
Date: 2022-11-24 14:39:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC02EAB9-138D-466E-B23A-EACCB846F254}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-23 14:39:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {672E9F40-A112-44E4-BE46-39D81AF8E01C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-21 13:21:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4E795A8-2F2C-4085-BC0A-17A8FDE37078}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-21 11:59:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08215218-6C35-4EED-920C-AEE05A5D0102}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-18 10:35:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AE71CF18-3453-4BEB-9AA7-CA18A908796C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-11-21 11:56:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-06 09:54:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-03 19:14:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-22 11:58:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-11 11:45:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-09 07:57:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. FD 02/21/2012
Motherboard: Gigabyte Technology Co., Ltd. P67A-D3-B3
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 8175.11 MB
Available physical RAM: 4489.53 MB
Total Virtual: 9455.11 MB
Available Virtual: 5248.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:145.44 GB) (Free:95.95 GB) (Model: ST1000DM003-9YN162 ATA Device) NTFS
Drive d: (Data) (Fixed) (Total:785.03 GB) (Free:588.9 GB) (Model: ST1000DM003-9YN162 ATA Device) NTFS

\\?\Volume{2bf59d76-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.54 GB) (Free:0.1 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-a07e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF59D76)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=518 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-25-2022
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.2311)
# Scanned: 32088
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Naposledy upravil(a) vlastas dne 25 lis 2022 22:35, celkem upraveno 1 x.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PUADlManager:Win32/Seznam

#4 Příspěvek od Rudy »

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
FirewallRules: [{B195AEFB-9868-4DEE-9DD3-F9592FB37DD0}] => (Allow) C:\Users\vlast\AppData\Local\Temp\7zS62EB\HP.EasyStart.exe => No File
Task: {A1D57D89-D5CE-421D-A5ED-0F947D65A5FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F5FF8D59-6425-4C73-8C26-FFAA4EBF188F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {528001AE-6270-495E-9642-2059DAF7C502} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

vlastas
3. Stupeň Varování
Příspěvky: 66
Registrován: 22 pro 2010 13:16

Re: PUADlManager:Win32/Seznam

#5 Příspěvek od vlastas »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by vlast (26-11-2022 11:54:34) Run:1
Running from C:\Users\vlast\Desktop
Loaded Profiles: vlast & Guest
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{B195AEFB-9868-4DEE-9DD3-F9592FB37DD0}] => (Allow) C:\Users\vlast\AppData\Local\Temp\7zS62EB\HP.EasyStart.exe => No File
Task: {A1D57D89-D5CE-421D-A5ED-0F947D65A5FC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F5FF8D59-6425-4C73-8C26-FFAA4EBF188F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
Task: {528001AE-6270-495E-9642-2059DAF7C502} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B195AEFB-9868-4DEE-9DD3-F9592FB37DD0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1D57D89-D5CE-421D-A5ED-0F947D65A5FC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1D57D89-D5CE-421D-A5ED-0F947D65A5FC}" => removed successfully
C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5FF8D59-6425-4C73-8C26-FFAA4EBF188F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5FF8D59-6425-4C73-8C26-FFAA4EBF188F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{528001AE-6270-495E-9642-2059DAF7C502}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{528001AE-6270-495E-9642-2059DAF7C502}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49888407 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 17895354 B
Edge => 0 B
Chrome => 746910534 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 38856 B
NetworkService => 5499826 B
vlast => 166174707 B
Guest => 166371494 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-11-2022 12:00:57)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 12:00:57 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PUADlManager:Win32/Seznam

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

vlastas
3. Stupeň Varování
Příspěvky: 66
Registrován: 22 pro 2010 13:16

Re: PUADlManager:Win32/Seznam

#7 Příspěvek od vlastas »

Upozornění je tam stále.
PUADIManger.jpg
PUADIManger.jpg (27.76 KiB) Zobrazeno 762 x
Buď to dám do karantény nebo odebrat. Děkuji za snahu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PUADlManager:Win32/Seznam

#8 Příspěvek od Rudy »

OK. Co se stame, když zatrhnete a potvrdíte Odebrat, nebo karanténa?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět