Virus removal, PC speed-up, and remote assistance via the neslape.cz service

Request for a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that are inactive for longer than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Locked
ceasare
Visitor
Posts: 62
Registered: 29 Oct 2011 21:22

Request for a preventive check

#1 Post by ceasare »

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by evamr (administrator) on DESKTOP-P745MGV (MSI MS-7817) (04-01-2023 18:53:32)
Running from C:\Users\evamr\Desktop
Loaded Profiles: evamr
Platform: Microsoft Windows 10 Home Version 21H2 19044.2364 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Access Denied)  [File not signed] C:\XboxGames\Minecraft Launcher\Content\Minecraft.exe <5>
(C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\Messenger.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\XboxGames\Minecraft Launcher\Content\Minecraft.exe ->) (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Newyu) [File not signed] C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.89.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [eID_Client] => C:\Program Files (x86)\eID_klient\eID_Client.exe [20895528 2022-09-28] (Ministerstvo vnútra Slovenskej republiky -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [MicrosoftEdgeAutoLaunch_047DBF7B84C518AB47BF9DC9D7BC701E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\evamr\AppData\Local\Microsoft\Teams\Update.exe [2587416 2022-12-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C017E83-E88E-4DBB-89BC-217AD2D62B71} - System32\Tasks\GoogleUpdateTaskMachineCore{93F6EF78-AB65-4374-8360-1587B0F97AD9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-03] (Google LLC -> Google LLC)
Task: {39A87554-F300-4C90-825E-4E968F944870} - System32\Tasks\DUpdaterTask => C:\Program Files (x86)\Ditec\DUpdater\DUpdater.exe [4176216 2022-10-25] (DITEC, a.s. -> DITEC, a.s.)
Task: {4440E75A-7508-447C-9464-CD8B09C153F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51502359-7F5F-4060-BAFC-4D3D8582402B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-04] (HP Inc. -> HP Inc.)
Task: {5D0AB52C-3EE3-44B2-BD77-4F30EA57E860} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3760653307-1901750747-4286733701-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2149112 2022-12-18] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {6A73D675-AD51-4838-9A60-665E1CEC3696} - System32\Tasks\GoogleUpdateTaskMachineUA{A8BE8C8F-AC99-4434-A840-BD7DD0D4C665} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-03] (Google LLC -> Google LLC)
Task: {6EBE6119-04FE-4046-A405-2C42C4343B8D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A3C4E04B-3336-4B01-8C9E-5F3E004DD741} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C87215C0-1379-4EE3-87BC-B5DD6F8C8886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8D617A9-653B-407C-8B0A-8239B375DD5F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-04] (HP Inc. -> HP Inc.)
Task: {FC5BD7C4-DA06-47BA-B7D5-EB1AF5679B92} - System32\Tasks\Opera scheduled Autoupdate 1664829031 => C:\Users\evamr\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {FFADB4B2-1FE6-469A-9E63-731428113191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e7251e4-ba57-4db1-ba27-4b48cd6c84e7}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Profile: C:\Users\evamr\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2022-08-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecNMc -> C:\PROGRA~2\Ditec\DLAUNC~2\NPDITE~1.DLL [2022-05-06] (DITEC, a.s. -> DITEC, a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2022-12-16] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2022-12-23] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2022-12-23] (DITEC, a.s. -> Ditec,a.s.)

Chrome: 
=======
CHR Profile: C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default [2023-01-04]
CHR Notifications: Default -> hxxps://trovo.live
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=190313_wo1&babsrc=HP_ss&mntrId=00FD1C6F654A0286","hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prekladač Google) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-10-03]
CHR Extension: (uBlock Origin) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-12-31]
CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-12-15]
CHR Extension: (WebCRX) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddgilliopjknmglnpkegbjpoilgachlm [2022-10-03]
CHR Extension: (Tampermonkey) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-25]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2022-10-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-23]
CHR Extension: (Kaspersky Protection 20.0) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2022-10-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-23]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2022-12-08]
CHR Extension: (Context Menu Search) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpcgabojogahgmhdgnjkmdliaeeofka [2022-10-03]
CHR Extension: (Rozšírenie na kopírovanie a prilepovanie v Office Online) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-10-03]
CHR Extension: (The West) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2022-10-03]
CHR Extension: (EPUBReader) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2022-10-03]
CHR Extension: (ESET Password Manager) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhapgacijodhjokkcjmleaempmchlem [2022-11-29]
CHR Extension: (Fair AdBlocker) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2022-12-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-03]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2022-10-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Profile: C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable [2023-01-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-21]
OPR Extension: (Opera Wallet) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-22]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24814984 2022-11-23] (FACE IT LIMITED -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-04] (HP Inc. -> HP Inc.)
R2 LibreViewMASMonitor; C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe [17920 2022-01-17] (Newyu) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [16837136 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 RvNetMP60; C:\Windows\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-04 18:53 - 2023-01-04 18:54 - 000018925 _____ C:\Users\evamr\Desktop\FRST.txt
2023-01-04 18:53 - 2023-01-04 18:53 - 000000000 ____D C:\FRST
2023-01-04 18:52 - 2023-01-04 18:52 - 002376192 _____ (Farbar) C:\Users\evamr\Desktop\FRST64.exe
2023-01-04 11:26 - 2023-01-04 11:26 - 000030773 _____ C:\Users\evamr\Desktop\25035_00_13800_2023-01-01.pdf
2023-01-04 11:25 - 2023-01-04 11:25 - 000098802 _____ C:\Users\evamr\Desktop\Informacny_formular_pre_vkladatela.pdf
2023-01-02 21:04 - 2023-01-02 21:04 - 001127327 _____ C:\Users\evamr\Desktop\7_krokov_k_nastartovaniu_zmeny_v_tvojom_zivote.pdf
2023-01-02 20:59 - 2023-01-02 20:59 - 000000681 _____ C:\Users\evamr\Desktop\žemberák histori.txt
2023-01-01 23:30 - 2023-01-01 23:30 - 000003678 _____ C:\Users\evamr\Desktop\vinše.txt
2023-01-01 11:19 - 2023-01-01 11:19 - 000046898 _____ C:\Users\evamr\Desktop\3fc0d7ce-e94c-4d76-8a89-ef5b6381e8ec.avif
2023-01-01 08:34 - 2023-01-01 12:08 - 000000000 ____D C:\Users\evamr\Documents\Tomáš minecraft
2022-12-31 15:55 - 2022-12-31 15:55 - 000088024 _____ C:\Users\evamr\Desktop\2008a9cb-c2f1-4385-a768-45ca6c17645b.avif
2022-12-31 15:54 - 2022-12-31 15:54 - 000088607 _____ C:\Users\evamr\Desktop\50c9045b-4399-43fe-a637-17c56d91e556.avif
2022-12-30 16:47 - 2022-12-30 16:47 - 000039285 _____ C:\Users\evamr\Desktop\8c7c787d-51c5-4bff-8c8d-7daedacc2517.avif
2022-12-27 09:11 - 2022-12-27 09:11 - 000000042 _____ C:\Users\evamr\Desktop\heslo msng.txt
2022-12-26 18:13 - 2022-12-26 18:14 - 000000000 ____D C:\Users\evamr\Documents\Evka mobil zaloha
2022-12-26 09:53 - 2022-12-26 09:53 - 000000000 ____D C:\Users\evamr\Desktop\Oli a babka s dedkom
2022-12-25 11:11 - 2022-12-25 11:11 - 000059981 _____ C:\Users\evamr\Desktop\9040c8a4-e835-48a4-b633-6816d60d9f17.avif
2022-12-24 18:58 - 2022-12-24 18:58 - 000054812 _____ C:\Users\evamr\Desktop\vianocny-vins-do-SMS.webp
2022-12-24 06:31 - 2022-12-24 07:09 - 000000000 ____D C:\Users\evamr\Downloads\vecteezy_christmas-holiday-party-background-happy-new-year-and-merry_3755142_864
2022-12-24 06:31 - 2022-12-24 06:31 - 009686877 _____ C:\Users\evamr\Downloads\vecteezy_christmas-holiday-party-background-happy-new-year-and-merry_3755142_864.zip
2022-12-24 06:27 - 2022-12-24 06:27 - 000000000 ____D C:\Users\evamr\Downloads\vecteezy_merry-christmas-greeting-card-colorful-background-vector_249340
2022-12-23 08:15 - 2022-12-23 08:15 - 000507599 _____ C:\Users\evamr\Desktop\2929072197.pdf
2022-12-22 11:27 - 2022-12-22 11:27 - 000164853 _____ C:\Users\evamr\Desktop\2022.12.12_006_EK_2022_IM_Info_KEP_eID.pdf
2022-12-22 11:02 - 2022-12-22 11:02 - 000040467 _____ C:\Users\evamr\Desktop\faktura.pdf
2022-12-22 10:59 - 2022-12-22 10:59 - 000067318 _____ C:\Users\evamr\Desktop\c801cd9f-5f59-44bc-8719-8769c3608481.avif
2022-12-22 10:51 - 2022-12-22 10:51 - 000884658 _____ C:\Users\evamr\Desktop\472789470.pdf
2022-12-20 08:45 - 2022-12-20 08:45 - 000166132 _____ C:\Users\evamr\Desktop\eb964119-8124-4a7a-9735-b77b6b68b68d.avif
2022-12-20 08:45 - 2022-12-20 08:45 - 000106613 _____ C:\Users\evamr\Desktop\ef9c3147-b905-4b69-bd1f-258a0750c505.avif
2022-12-19 09:39 - 2022-12-19 09:39 - 000022077 _____ C:\Users\evamr\Desktop\K_Ošetřovné_2022.xlsx
2022-12-18 21:47 - 2022-12-18 21:47 - 000114409 _____ C:\Users\evamr\Desktop\ae9901cd-8225-44de-90c8-ebd877e4c652.avif
2022-12-17 08:32 - 2022-12-17 08:32 - 000067000 _____ C:\Users\evamr\Desktop\b615f2e8-aeb9-4ab1-85d6-3e58ee2db69f.avif
2022-12-15 14:00 - 2022-12-15 14:00 - 000000000 ___HD C:\$WinREAgent
2022-12-14 15:12 - 2022-12-14 15:12 - 000102136 _____ C:\Users\evamr\Desktop\Výplatní lístek.pdf
2022-12-14 07:44 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-12-13 22:20 - 2022-12-13 22:20 - 000106564 _____ C:\Users\evamr\Desktop\e6a04df7-e1f1-40b5-be16-c092f54c6323.avif
2022-12-12 00:39 - 2022-12-12 00:39 - 000156421 _____ C:\Users\evamr\Desktop\a12920e8-066a-4938-bd53-b703d468efdf.avif
2022-12-11 15:17 - 2022-12-11 15:17 - 000000219 _____ C:\Users\evamr\Desktop\Portal.url
2022-12-10 01:55 - 2022-12-10 01:55 - 000313798 _____ C:\Users\evamr\Desktop\FVLA-85044-2022.pdf
2022-12-09 20:43 - 2022-12-09 20:43 - 000064716 _____ C:\Users\evamr\Desktop\noname
2022-12-09 07:56 - 2022-12-09 07:56 - 000102977 _____ C:\Users\evamr\Desktop\02a12ec3-32e2-432f-8080-a12b1e5e6201.avif
2022-12-07 12:41 - 2022-12-07 12:41 - 000143624 _____ C:\Users\evamr\Desktop\DĚJEPISNÁ OLYMPIÁDA 52.pdf
2022-12-06 08:40 - 2022-12-06 08:40 - 000059455 _____ C:\Users\evamr\Desktop\a2bb7c3f-4453-465e-af94-406c3e37e18d.avif

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-04 18:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-04 18:12 - 2022-10-03 06:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-04 16:59 - 2022-10-03 07:03 - 000000000 ____D C:\Users\evamr\AppData\Roaming\.minecraft
2023-01-04 16:53 - 2022-10-20 15:28 - 000000000 ____D C:\Users\evamr\.ditec
2023-01-04 16:49 - 2022-10-03 05:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-04 13:31 - 2022-10-03 06:02 - 000000000 ___RD C:\Users\evamr\OneDrive
2023-01-04 12:09 - 2022-10-03 07:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-04 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-04 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-04 03:46 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Local\Packages
2023-01-04 03:34 - 2022-10-03 05:48 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 03:34 - 2022-10-03 05:48 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-30 22:51 - 2022-10-08 14:02 - 000000000 ____D C:\Users\evamr\AppData\Roaming\.tlauncher
2022-12-30 17:52 - 2022-10-20 08:20 - 000001456 _____ C:\Users\evamr\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-12-30 16:51 - 2022-10-20 15:28 - 000003916 _____ C:\Windows\system32\Tasks\DUpdaterTask
2022-12-30 16:51 - 2022-10-20 15:27 - 000000000 ____D C:\ProgramData\Ditec
2022-12-30 16:51 - 2022-10-20 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditec
2022-12-30 16:51 - 2022-10-20 15:26 - 000000000 ____D C:\Program Files (x86)\Ditec
2022-12-30 16:51 - 2022-10-06 21:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-23 22:13 - 2022-10-03 05:53 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-23 22:13 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-12-23 22:09 - 2022-10-03 05:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-23 22:09 - 2022-10-03 05:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-23 22:08 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-12-23 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-12-23 04:16 - 2022-10-03 21:30 - 000004218 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1664829031
2022-12-23 04:16 - 2022-10-03 21:30 - 000001409 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2022-12-22 09:55 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Local\D3DSCache
2022-12-21 13:08 - 2022-10-06 21:39 - 000000000 ____D C:\Program Files\Adobe
2022-12-21 13:08 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Roaming\Adobe
2022-12-21 11:39 - 2022-10-20 15:29 - 000000000 ____D C:\Users\evamr\AppData\Local\eID_klient
2022-12-20 13:26 - 2022-10-15 08:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-17 23:26 - 2022-10-03 05:54 - 000000000 ____D C:\Users\evamr
2022-12-17 17:26 - 2022-10-03 05:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-16 23:19 - 2022-11-03 20:40 - 000000000 _____ C:\Users\evamr\Documents\HPSmartPrintingPort
2022-12-16 10:34 - 2022-10-03 06:07 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 10:34 - 2022-10-03 06:07 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-15 21:01 - 2022-10-03 05:48 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-15 14:08 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-15 14:06 - 2022-10-03 06:39 - 000415650 __RSH C:\bootmgr
2022-12-15 14:05 - 2022-10-03 05:50 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-12-15 13:58 - 2022-10-03 13:28 - 000000000 ____D C:\Windows\system32\MRT
2022-12-15 13:55 - 2022-10-03 13:28 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-13 21:57 - 2022-10-03 06:22 - 000002368 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-12-11 15:17 - 2022-10-15 08:14 - 000000000 ____D C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-11 13:10 - 2022-10-02 07:44 - 000000000 ____D C:\Users\evamr\Desktop\upratať
2022-12-10 06:17 - 2022-10-03 06:02 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3760653307-1901750747-4286733701-1001
2022-12-10 06:17 - 2022-10-03 06:02 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3760653307-1901750747-4286733701-1001
2022-12-10 06:17 - 2022-10-03 05:54 - 000002371 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-09 18:45 - 2022-10-03 05:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-05 03:08 - 2022-10-06 13:22 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-12-05 03:07 - 2022-10-06 13:22 - 000000000 ____D C:\Windows\system32\Tasks\HP

==================== Files in the root of some directories ========

2022-10-20 08:20 - 2022-12-30 17:52 - 000001456 _____ () C:\Users\evamr\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-11-12 18:06 - 2022-11-12 18:06 - 000001480 _____ () C:\Users\evamr\AppData\Local\Adobe Uložit pro web 13.0 Prefs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ceasare
Visitor
Posts: 62
Registered: 29 Oct 2011 21:22

Re: Request for a preventive check

#2 Post by ceasare »

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2022
Ran by evamr (04-01-2023 18:55:09)
Running from C:\Users\evamr\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2364 (X64) (2022-10-03 04:50:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3760653307-1901750747-4286733701-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3760653307-1901750747-4286733701-503 - Limited - Disabled)
evamr (S-1-5-21-3760653307-1901750747-4286733701-1001 - Administrator - Enabled) => C:\Users\evamr
Guest (S-1-5-21-3760653307-1901750747-4286733701-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3760653307-1901750747-4286733701-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_4) (Version: 23.4.0.529 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
D.Launcher (x86) (HKLM-x32\...\{3B49CE17-83A8-4F21-83D4-56074380D564}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Launcher 2 (x86) (HKLM-x32\...\{7F016758-37E6-4DD1-BA47-0E4DA837F3E8}) (Version: 2.0.0.3 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{38575A18-C728-4879-A007-080716D927AF}) (Version: 4.0.29 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{957C566F-9CEE-48E8-8F4D-83CA0A231A6E}) (Version: 4.0.20 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{3c79a514-43bf-4833-84eb-fdd9c958a37a}) (Version: 1.1.4 - DITEC, a.s.)
D.Updater (x86) (HKLM-x32\...\{F4BCE5F9-9614-422C-A322-45D473EB8F20}) (Version: 1.0.3 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{E671D2FE-BA1C-42FF-97F0-1D3633B45AD1}) (Version: 4.0.2037 - DITEC, a.s.)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
eID Klient (HKLM-x32\...\{7B559ED6-C47E-4A5A-9BE4-A5CD56FEE59C}) (Version: 4.1.0 - MV SR)
FACEIT (HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\FACEIT) (Version: 1.31.7 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.1 - FACEIT LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Java(TM) SE Development Kit 19.0.1 (64-bit) (HKLM\...\{E4838A94-3448-5F9E-B1FE-696C1DC1F772}) (Version: 19.0.1.0 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
LibreView Device Drivers3.3.3 (HKLM-x32\...\{D2200BF1-9BF0-4C1C-9282-A727FFCC5046}) (Version: 3.3.3 - Newyu)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Teams) (Version: 1.5.00.33362 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Mp3tag v3.18 (HKLM\...\Mp3tag) (Version: 3.18 - Florian Heidenreich)
MPC-HC 1.9.23 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.23 - MPC-HC Team)
NVIDIA Grafický ovládač 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
Opera Stable 94.0.4606.38 (HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Opera 94.0.4606.38) (Version: 94.0.4606.38 - Opera Software)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.86 - TLauncher Inc.)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-07] (Microsoft Corporation)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.44.2.0_x64__6rarf9sa4v8jt [2022-12-22] (Disney)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-04] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt [2022-12-19] (Meta) [Startup Task]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.86.53503.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corporation) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-10-03] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-18] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-09] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3760653307-1901750747-4286733701-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\evamr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22304.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files\Mp3tag\Mp3tagShell64.dll [2022-09-29] (Florian Heidenreich -> Florian Heidenreich)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvshext.dll [2020-10-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-04-27] (Adobe Inc. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-03-19 14:12 - 2018-03-19 14:12 - 000113678 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2018-03-19 14:12 - 2018-03-19 14:12 - 001542158 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2023-01-04 16:56 - 2023-01-04 16:56 - 000085504 ____N () [File not signed] C:\Users\evamr\AppData\Local\Temp\jna-96887669\jna1314099148671443004.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 000281600 _____ () [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\jemalloc.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 000457216 _____ () [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\lwjgl.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 000362496 _____ () [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\lwjgl_opengl.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 000506368 _____ () [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\lwjgl_stb.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 001131008 _____ () [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\OpenAL.dll
2022-10-03 07:07 - 2022-10-03 07:07 - 000365568 _____ (GLFW) [File not signed] C:\Users\evamr\AppData\Local\Temp\lwjglevamr\3.3.1-build-7\glfw.dll
2022-11-05 13:33 - 2022-07-15 15:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-01-04 16:56 - 2023-01-04 16:56 - 000235008 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\evamr\AppData\Local\Temp\jna-96887669\jna13145236469054982881.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000136192 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\java.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000023040 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\jimage.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000077312 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\jli.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000859648 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\jsvml.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000018432 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\management.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000025600 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\management_ext.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000086528 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\net.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000069632 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\nio.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 012613632 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\server\jvm.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000036352 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\sunmscapi.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000044544 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\verify.dll
2022-10-03 07:06 - 2022-10-03 07:06 - 000076288 _____ (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\zip.dll
2018-03-19 14:12 - 2018-03-19 14:12 - 000047104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libwinpthread-1.dll
2019-07-01 13:51 - 2019-07-01 13:51 - 006623384 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\eID_klient\
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\evamr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "eID_Client"
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\StartupApproved\Run: => "Disig Web Signer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{28AE79B0-C1E4-4483-898D-F15568F617AA}C:\users\evamr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{CBEB3250-26CA-4644-AFA7-AB3047A464AF}C:\users\evamr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\local\packages\microsoft.4297127d64ec6_8wekyb3d8bbwe\localcache\local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{0EA447FB-E085-488A-B0B6-73C402A45263}C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FAA7DB1E-DDBF-4545-B481-7A9122666604}C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{A8240B27-B3E5-4CA9-8818-CB3A1ED3DE95}] => (Block) C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{06EE5CB3-7C77-4048-9B61-D6AD86261ABA}] => (Block) C:\users\evamr\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{F7385C83-7F7D-494A-9E02-0125DC9B003B}C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{6B4F2888-F5A5-48F7-A109-9285B5DC6CB6}C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{45812794-F357-4AA9-8817-4FE13E9BCC87}] => (Block) C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{C1924348-B974-42A1-939B-E1A86C8F9A53}] => (Block) C:\users\evamr\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{57D9B99B-C030-4E93-AED8-63B19DF0BAA4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5070059E-739E-4D63-8CF3-1C411F4843D6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7B9C0F68-2F3E-4C12-9484-F074BE63A599}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6D4F522B-3247-4DB1-BB4D-D2929CDFEF7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{032247F3-2337-4F53-AD5D-256CE90BB0DD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{67C83388-638A-4CE7-AE25-935BDF7E7CC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{FFAFC30A-F0D1-4AC3-9C3B-D0F96A34E709}C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe] => (Allow) C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [UDP Query User{035957EF-6711-4A9D-9DFF-446FA3365C83}C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe] => (Allow) C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [{979630AF-A9AD-4AD3-8DEF-D827A45B4EE6}] => (Block) C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [{8503F2C9-05E0-43A2-8750-1F1CE2FD32D8}] => (Block) C:\users\evamr\appdata\local\faceit\app-1.31.7\faceit.exe (FACE IT LIMITED -> FACEIT Ltd.)
FirewallRules: [{58342267-EF39-462F-8E82-9C6DAD14B94E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{31AF66BB-BF8C-47D2-88E6-8E1E8B65BAB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{D6BEDCD5-F475-41D5-BD9B-87233C74736A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{4C412B55-F9FE-4A64-85DF-956B500726C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [TCP Query User{813A474E-3DED-400D-8DBD-172025970AB0}C:\program files\java\jdk-19\bin\javaw.exe] => (Allow) C:\program files\java\jdk-19\bin\javaw.exe
FirewallRules: [UDP Query User{6A8CF1BE-43EA-459C-87B2-39E25964BCC7}C:\program files\java\jdk-19\bin\javaw.exe] => (Allow) C:\program files\java\jdk-19\bin\javaw.exe
FirewallRules: [TCP Query User{17F806AB-A22B-48C4-AA05-FF5B2C0E863D}C:\program files\java\jdk-19\bin\java.exe] => (Allow) C:\program files\java\jdk-19\bin\java.exe
FirewallRules: [UDP Query User{F45219B2-E032-4B77-9713-5D76355A2C46}C:\program files\java\jdk-19\bin\java.exe] => (Allow) C:\program files\java\jdk-19\bin\java.exe
FirewallRules: [{960B469F-6E48-40CE-9730-0C8A24196E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4284FD7A-1FF1-42BC-AF99-F9B696A3A203}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD29205B-D013-45E4-9F0B-2626CB9904B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{006DA0CE-37B4-4807-B599-B2148E2130E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A3E8376C-2647-45FB-A099-C8F7520473CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD352CCF-7CC8-4533-AA63-04687ABDEBCC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6F7D8E4-60C3-409E-B93C-6BB39E178F60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAA75CDB-51CC-4236-95B0-921EC4967B26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A42FF22-7511-4CDE-8F57-A2D234F464DD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A454AAA5-7813-4834-AA47-3106BA0B24BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AC49DAA2-4EB2-4371-977F-2FC1511ED3C2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6334E85-C0E4-4E64-82DF-88CB7C2540C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9D42DB3-5F85-43CC-9EE2-F5DB0EB7EE6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve Corp. -> )
FirewallRules: [{397E000B-0DE8-49DA-8D50-8627D1FC07B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe (Valve Corp. -> )
FirewallRules: [{47C635F2-FECC-4B2A-AB0F-8EC079DD2393}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{10D96BE2-A846-4931-8FE6-3F60640E8D3F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-12-2022 13:58:18 Inštalátor modulov systému Windows
20-12-2022 12:11:45 Windows Update
30-12-2022 13:23:20 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/26/2022 09:37:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: RuntimeBroker.exe, verzia: 10.0.19041.746, časová značka: 0x5b78739c
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.2130, časová značka: 0xb5ced1c6
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000ff6a9
Identifikácia chybujúceho procesu: 0x24d8
Čas spustenia chybujúcej aplikácie: 0x01d918e957f1ea10
Cesta chybujúcej aplikácie: C:\Windows\System32\RuntimeBroker.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 500fa401-5e95-47ef-b3b6-a931e5a93246
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: runtimebroker07f4358a809ac99a64a67c1

Error: (12/23/2022 09:47:14 PM) (Source: dLauncherLoopback) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/13/2022 03:11:55 PM) (Source: dLauncherLoopback) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/08/2022 03:22:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: HPPrintScanDoctorService.exe, verzia: 6.0.0.0, časová značka: 0x637723f5
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.2130, časová značka: 0xb5ced1c6
Kód výnimky: 0xc0000374
Odstup chyby: 0x00000000000ff6a9
Identifikácia chybujúceho procesu: 0x355c
Čas spustenia chybujúcej aplikácie: 0x01d9084e7e0db906
Cesta chybujúcej aplikácie: C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9714d2c4-2092-4dcc-983d-845a313ec0fa
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/02/2022 12:17:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Ditec.Zep.DSigXadesStandalone.exe, verzia: 1.0.0.4, časová značka: 0x636399fe
Názov chybujúceho modulu: eIDCsp_x86.dll, verzia: 0.0.0.0, časová značka: 0x6334731e
Kód výnimky: 0xc0000005
Odstup chyby: 0x00006700
Identifikácia chybujúceho procesu: 0x3b24
Čas spustenia chybujúcej aplikácie: 0x01d9063f7d1bee1d
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Ditec\DSigner .NET\Ditec.Zep.DSigXadesStandalone.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\eID_klient\eIDCsp_x86.dll
Identifikácia hlásenia: 658916b2-8bcb-4efb-9a30-74e73d0e1c3d
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/29/2022 10:15:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: libreviewdevicedrivers.exe, verzia: 3.3.3.0, časová značka: 0x61e594d4
Názov chybujúceho modulu: LibreReaderInterface.dll, verzia: 0.0.0.0, časová značka: 0x625f39c8
Kód výnimky: 0xc0000005
Odstup chyby: 0x00149f81
Identifikácia chybujúceho procesu: 0x11ec
Čas spustenia chybujúcej aplikácie: 0x01d904375e0e6dce
Cesta chybujúcej aplikácie: C:\Program Files (x86)\LibreView Device Drivers\libreviewdevicedrivers.exe
Cesta chybujúceho modulu: C:\Program Files (x86)\LibreView Device Drivers\LibreReaderInterface.dll
Identifikácia hlásenia: 34cfa57d-65a6-4d0b-bd45-8b22627876df
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/29/2022 10:15:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: libreviewdevicedrivers.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 6C879F81
Stack:

Error: (11/27/2022 07:28:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.SharePoint.exe, verzia: 22.227.1030.1, časová značka: 0x45351236
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.2130, časová značka: 0xb5ced1c6
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000008c67f
Identifikácia chybujúceho procesu: 0x27e8
Čas spustenia chybujúcej aplikácie: 0x01d9022965c4efbd
Cesta chybujúcej aplikácie: C:\Users\evamr\AppData\Local\Microsoft\OneDrive\22.227.1030.0001\Microsoft.SharePoint.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: a6f1eb18-683f-41cc-9468-ca6a60679300
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (12/20/2022 05:14:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-P745MGV)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.

Error: (12/18/2022 03:39:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9WZDNCRF0083-FACEBOOK.317180B0BB486.

Error: (12/17/2022 12:13:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:00:37 on ‎17. ‎12. ‎2022 was unexpected.

Error: (12/11/2022 03:11:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe: 
The service did not respond to the start or control request in a timely fashion.

Error: (12/11/2022 03:11:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).

Error: (12/10/2022 04:04:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9WZDNCRF0083-FACEBOOK.317180B0BB486.

Error: (12/09/2022 10:52:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80073d02: 9WZDNCRF0083-FACEBOOK.317180B0BB486.

Error: (12/08/2022 03:22:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
================
Date: 2023-01-04 13:58:04
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-03 07:14:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-31 21:27:09
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-30 19:07:12
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-30 13:20:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info =========================== 

BIOS: American Megatrends Inc. V1.1 08/19/2013
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 91%
Total physical RAM: 8136.07 MB
Available physical RAM: 700.29 MB
Total Virtual: 16975.04 MB
Available Virtual: 2597.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.97 GB) (Free:36.38 GB) (Model: KINGSTON SKC600256G) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{833efe45-0000-0000-0000-007e3b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 833EFE45)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=516 MB) - (Type=27)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15192
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check

#3 Post by JaRon »

Hi,
somehow this thread got left abandoned :(
1. Don't put your posts inside code tags - it's hard to read
2. Check the size of the Desktop (plocha\desktop) folder - if it exceeds 1GB, tidy it up
3. Clean the PC with ADWCleaner - post the log here
4. From a command prompt started as administrator, run sfc /scannow
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

ceasare
Visitor
Posts: 62
Registered: 29 Oct 2011 21:22

Re: Requesting a preventive check

#4 Post by ceasare »

Log from ADW

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-09-2023
# Duration: 00:00:02
# OS: Windows 10 (Build 19044.2364)
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\GreenTree Applications

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26
Deleted http://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2230 octets] - [09/01/2023 11:05:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

ceasare
Visitor
Posts: 62
Registered: 29 Oct 2011 21:22

Re: Requesting a preventive check

#5 Post by ceasare »

I did step 4, I just don't know whether you wanted some "log" of what it printed for me when it finished :)

JaRon
Moderator
Posts: 15192
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check

#6 Post by JaRon »

So we're done :) I don't need the log

ceasare
Visitor
Posts: 62
Registered: 29 Oct 2011 21:22

Re: Requesting a preventive check

#7 Post by ceasare »

JaRon wrote: 09 Jan 2023 11:37 So we're done :) I don't need the log
Thank you very much :)

JaRon
Moderator
Posts: 15192
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a preventive check

#8 Post by JaRon »

You're welcome :)
