Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-07-2020
Ran by Patrik (administrator) on DESKTOP-0VE0488 (MICRO-STAR INTERNATIONAL CO.,LTD MS-AC71) (26-07-2020 17:34:33)
Running from C:\Users\Patrik\Desktop
Loaded Profiles: Patrik
Platform: Windows 10 Home Version 1909 18363.836 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <36>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2643388380-1025555211-3956825347-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2120872 2020-07-15] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2643388380-1025555211-3956825347-1001\...\MountPoints2: {bc44bac0-a50a-11ea-96c6-6c626deb08c3} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] () [File not signed]
HKLM\...\Print\Monitors\HPM1210LM: HPM1210LM.DLL
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\84.1.11.101\Installer\chrmstp.exe [2020-07-24] (Brave Software, Inc.) [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {056BC6A8-CC2C-463E-8B03-65AB5CFBD21B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {19475FD5-F18C-47BA-AF74-DF57EFDABB3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-17] (Google Inc -> Google LLC)
Task: {58C6F9BC-9CF2-4795-85C5-05A256C33F2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {795C8558-C37E-4316-A07E-99FF15CD47AE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7B0059D3-5AFB-429F-AD22-432D447723EC} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7E5ECD54-9CBA-4BAB-A242-BA20B62A3919} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {8EF34A37-FF75-4106-8A9D-1046D4DC792F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {9905072C-83BD-49AA-B0BB-33042AA378CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9E647783-5A24-4140-9100-857BBE1B0371} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C8EDABE8-D6B9-4924-A3FC-1A200FFE1887} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-17] (Google Inc -> Google LLC)
Task: {E06432A7-5A4A-485C-8D64-C98E67583289} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E91DCE26-D00F-4C3A-AE3A-F8BD02BED7BE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-15] (Adobe Inc. -> Adobe)
Task: {EAB849A4-E76C-4FE7-8E01-061C1D776308} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0e1f012a-a63c-42a3-a85c-496197391a98}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxps://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
Edge:
======
DownloadDir: C:\Users\Patrik\Downloads
Edge Profile: C:\Users\Patrik\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-23]
Edge DownloadDir: C:\Users\Patrik\Downloads
FireFox:
========
FF DefaultProfile: 6qt5wsey.default
FF ProfilePath: C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\6qt5wsey.default [2020-07-23]
FF DownloadDir: C:\Users\Patrik\Desktop
FF Extension: (To Google Translate) - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\6qt5wsey.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-11-26]
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2019-03-06] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2019-04-16] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2016-12-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2019-03-25] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2019-03-25] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2643388380-1025555211-3956825347-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2643388380-1025555211-3956825347-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2643388380-1025555211-3956825347-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default [2020-07-26]
CHR DownloadDir: C:\Users\Patrik\Desktop
CHR StartupUrls: Default -> "hxxp://www.inmail.sk/"
CHR DefaultSearchURL: Default -> hxxps://www.instagram.com/static/images/ico/xxh ... 09d459.png
CHR Extension: (Prezentácie) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-17]
CHR Extension: (Webpage Screenshot - Entire page screenshot!) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\akgpcdalpfphjmfifkmfbpdmgdmeeaeo [2020-04-18]
CHR Extension: (Dokumenty) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-17]
CHR Extension: (Disk Google) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-17]
CHR Extension: (YouTube) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-07-23]
CHR Extension: (Tabuľky) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-26]
CHR Extension: (Refundo Toolbar) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmbmcpeaglnnglogmcnhcdagdaepep [2020-01-27]
CHR Extension: (Instagram) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2020-04-30]
CHR Extension: (Tipli do prehliadača) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpijoellhiljjmeeloljbehhhjkpijpb [2019-04-17]
CHR Extension: (MetaMask) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2020-07-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-10]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2019-11-20]
CHR Extension: (Gmail) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-21]
CHR Profile: C:\Users\Patrik\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-07-23]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-01-10] (Brave Software, Inc. -> BraveSoftware Inc.)
S4 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [156984 2017-09-29] (DITEC, a.s. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104 2012-04-20] (Intel® Upgrade Service -> Intel(R) Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2019-03-19] (Microsoft Windows -> )
R3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R3 FintekCIR; C:\WINDOWS\system32\DRIVERS\FintekCIR.sys [33064 2013-07-24] (Feature Integration Technology Inc. -> Fintek)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-26 17:34 - 2020-07-26 17:35 - 000018887 _____ C:\Users\Patrik\Desktop\FRST.txt
2020-07-26 17:34 - 2020-07-26 17:35 - 000000000 ____D C:\FRST
2020-07-26 17:33 - 2020-07-26 17:33 - 002295808 _____ (Farbar) C:\Users\Patrik\Desktop\FRST64.exe
2020-07-15 09:59 - 2020-07-15 10:07 - 000000000 ____D C:\Users\Patrik\Desktop\Zaloha 14.07.2020
2020-07-14 23:43 - 2020-07-25 17:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-26 17:02 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-26 16:28 - 2019-08-16 21:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-25 20:14 - 2019-08-01 00:04 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\vlc
2020-07-25 20:08 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-24 21:42 - 2019-08-01 00:02 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-07-24 21:42 - 2019-08-01 00:02 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-07-24 20:27 - 2020-01-10 20:17 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-07-24 20:27 - 2020-01-10 20:17 - 000002389 _____ C:\Users\Public\Desktop\Brave.lnk
2020-07-24 20:27 - 2020-01-10 20:17 - 000002389 _____ C:\ProgramData\Desktop\Brave.lnk
2020-07-24 20:25 - 2020-06-05 09:38 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-24 20:25 - 2020-06-05 09:37 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-24 20:25 - 2020-06-05 09:37 - 000002282 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-07-23 12:58 - 2019-04-28 14:29 - 000000000 ____D C:\Users\Patrik\AppData\LocalLow\Mozilla
2020-07-23 12:33 - 2019-08-16 21:19 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-23 12:33 - 2019-04-17 16:53 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-23 12:33 - 2019-04-17 16:53 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-07-22 21:05 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-22 21:05 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-22 00:28 - 2020-03-17 13:53 - 000000000 ____D C:\Users\Patrik\AppData\Roaming\WhatsApp
2020-07-21 12:55 - 2019-04-17 16:52 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-21 12:55 - 2019-04-17 16:52 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-21 12:55 - 2019-04-17 16:52 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-07-21 07:56 - 2019-09-16 11:46 - 000048826 _____ C:\WINDOWS\system32\perfh01B.dat
2020-07-21 07:56 - 2019-09-16 11:46 - 000011968 _____ C:\WINDOWS\system32\perfc01B.dat
2020-07-21 07:56 - 2019-08-16 21:20 - 000884446 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-20 23:56 - 2019-08-16 21:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-20 23:56 - 2019-08-07 19:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-07-20 23:56 - 2019-03-19 06:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-07-20 18:32 - 2020-03-17 13:53 - 000000000 ____D C:\Users\Patrik\AppData\Local\WhatsApp
2020-07-15 20:04 - 2020-06-05 09:37 - 000003574 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-15 20:04 - 2020-06-05 09:37 - 000003450 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-15 15:49 - 2019-12-05 22:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-15 15:49 - 2019-04-28 14:29 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-15 12:44 - 2019-04-17 20:36 - 000000000 ____D C:\Users\Patrik\AppData\Local\Adobe
2020-07-15 12:39 - 2019-08-16 21:19 - 000004560 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-07-15 12:39 - 2019-04-17 19:19 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-07-15 12:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-15 12:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-15 01:27 - 2019-04-17 16:48 - 000000000 ____D C:\Users\Patrik\AppData\Local\Packages
2020-07-14 23:41 - 2019-08-16 21:19 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-14 23:41 - 2019-04-18 10:15 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-14 23:36 - 2019-04-17 16:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-07-14 23:34 - 2019-08-16 21:11 - 000464168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2020
Ran by Patrik (26-07-2020 17:36:11)
Running from C:\Users\Patrik\Desktop
Windows 10 Home Version 1909 18363.836 (X64) (2019-08-16 19:20:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2643388380-1025555211-3956825347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2643388380-1025555211-3956825347-503 - Limited - Disabled)
Guest (S-1-5-21-2643388380-1025555211-3956825347-501 - Limited - Disabled)
Patrik (S-1-5-21-2643388380-1025555211-3956825347-1001 - Administrator - Enabled) => C:\Users\Patrik
WDAGUtilityAccount (S-1-5-21-2643388380-1025555211-3956825347-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.403 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_5) (Version: 20.0.5 - Adobe Systems Incorporated)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM-x32\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
Balík softvéru eID (HKLM-x32\...\{27fcb623-2a19-4570-ab03-96077bc85e1d}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{69aff1f0-e530-4ac2-ab4f-88cb85aef940}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bit4id - miniLector (HKLM-x32\...\Bit4id - miniLector) (Version: 3.7 - Bit4id)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 84.1.11.101 - Autori prehliadača Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
D.Launcher (x86) (HKLM-x32\...\{1401073B-CE49-4251-810F-B27D8AE07463}) (Version: 1.1.0.0 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{AC8431AB-196B-4C72-94A7-B7E25DBAF68A}) (Version: 4.0.14 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{9AC462A0-23E1-4DAE-8B8E-A0E45E999A28}) (Version: 4.0.10 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{74c2a79d-8a49-4adc-9d09-aadded8c7e66}) (Version: 1.0.16 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{E9F647D6-D1D1-43D8-883A-54058B67B322}) (Version: 4.0.2026 - DITEC, a.s.)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{92879DFD-B281-447B-AC54-ED065B0BBB17}) (Version: 3.3.0 - Ministerstvo vnútra Slovenskej republiky)
GemPcCCID (HKLM\...\{C2C14C20-A217-4FCA-B668-89B6C70B6EFF}) (Version: 2.0.7 - Gemalto)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
gpedt.msc 1.0 (HKLM-x32\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP LaserJet MFP M129-M134 Basic Device Software (HKLM\...\{B162F8E1-52A3-4D42-B119-3580C8D7FC62}) (Version: 44.3.2667.18234 - HP Inc.)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
Instant Eyedropper 1.9.1.0 (HKLM-x32\...\Instant Eyedropper_is1) (Version: - Spicebrains)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LibreOffice 6.4.1.2 (HKLM\...\{F420EC75-FB16-4786-951E-67CAC0FB9B86}) (Version: 6.4.1.2 - The Document Foundation)
LM129 (HKLM-x32\...\{A2D25501-6F44-4CE2-9EFA-C9E5A0658FA9}) (Version: 0.00.0005 - HP)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.44 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mozilla Firefox 78.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 78.0.2 (x64 sk)) (Version: 78.0.2 - Mozilla)
Mozilla Thunderbird 68.10.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 68.10.0 (x86 sk)) (Version: 68.10.0 - Mozilla)
MP3 Joiner Pro 5.0.0 (HKLM-x32\...\C9C71225-0456-4596-AC3B-84FCDB9AB04C_is1) (Version: - Accmeware Corporation)
NVIDIA Grafický ovládač 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
oCam 버전 515.0 (HKLM-x32\...\oCam_is1) (Version: 515.0 - hxxp://ohsoft.net/)
Ovládací panel NVIDIA 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 337.88 - NVIDIA Corporation) Hidden
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
WhatsApp (HKU\S-1-5-21-2643388380-1025555211-3956825347-1001\...\WhatsApp) (Version: 2.2029.4 - WhatsApp)
WinRAR 5.71 (32-bitová verzia) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.3.18.0_x86__ffd303wmbhcjt [2020-07-18] (BreeZip) [MS Ad]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_115.1.152.0_x64__v10z8vjag6ke6 [2020-05-28] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2019-09-10] (Tiny Opener)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2014-05-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-04-18 10:46 - 2012-09-29 13:25 - 000074240 _____ () [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-2643388380-1025555211-3956825347-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: dLauncherLoopback => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: UNS => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-2643388380-1025555211-3956825347-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{CC248DDB-4E30-47DE-847A-320DE0FBD583}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{B37602F9-3728-44C4-8F53-961E67750EDE}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{BC752B4B-CFD4-4F98-AAF6-80C0D59302C7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3403402-CB03-4E04-A2B3-85A9162A641B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8B0FF414-35D0-47DF-B867-6F6E8EFACC3C}C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{60BB24B9-A496-48FF-A905-E9CC064239C3}C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{7918A027-B936-47F9-87DB-0AD988E5233C}C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{503C161F-9381-4027-BE20-FE76B7D546D1}C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\patrik\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{CE654000-87B8-4B0F-82C4-A7DD235409DC}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DAD6A5E6-1E31-4BB9-ABAA-5ACE7EE1C008}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{03C2ECD6-C5BF-49FA-A312-A92E939A6205}] => (Allow) LPort=5357
FirewallRules: [{79A33302-8719-4112-87B6-3973296579C7}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{FE3F8130-556C-4A8A-AB2A-95228799C92E}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{EC9F32A1-0BFD-47C8-BB5A-BE566225B692}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M129-M134\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{BECA5655-ABDD-42A4-9BFD-B1A1F9381143}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9518FCD2-C736-4FC6-B224-451502842DC2}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{7830D4FD-A2AB-4E5B-93A3-10C536124849}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3CAEF230-55C7-4E63-BBDD-E85EFAB5E117}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E05A92D0-492D-4D28-85A7-75C8BA046A8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6350C711-86A9-48F2-9C1D-30812A76F352}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{55CE4727-E4CC-411E-9836-C9FFA53FB1D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{336822F4-270C-4BF1-A19D-4F308E66A183}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9D93DEB-201D-4095-9F0E-44BD6AB23DD9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3B6014E-A3A9-4F98-B288-EDB912A5B6AC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A0C36D4-17D1-482E-B98C-E72C3E3D496C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CC360892-35E0-4E15-B259-19F2F65A38AF}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Restore Points =========================
15-06-2020 10:45:33 Scheduled Checkpoint
15-07-2020 02:30:44 Scheduled Checkpoint
25-07-2020 15:55:17 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/26/2020 05:09:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2064,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/26/2020 10:23:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6364,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/25/2020 01:24:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10668,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/25/2020 10:17:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9676,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/24/2020 09:52:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6108,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/24/2020 05:50:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2584,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/24/2020 09:56:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5884,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (07/23/2020 11:12:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5544,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (07/23/2020 12:44:09 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0VE0488)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/15/2020 12:36:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:51:50 on 15. 7. 2020 was unexpected.
Error: (07/14/2020 11:34:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:53:31 on 21. 6. 2020 was unexpected.
Error: (06/21/2020 10:24:23 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0VE0488)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/21/2020 10:22:40 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0VE0488)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/18/2020 01:37:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:26:21 on 18. 6. 2020 was unexpected.
Error: (06/11/2020 03:20:12 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0VE0488)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (06/07/2020 06:02:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:47:16 on 7. 6. 2020 was unexpected.
Windows Defender:
===================================
Date: 2020-06-19 12:14:00.471
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C888D315-E218-4160-A7A6-ED917EDC03B8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-06-17 10:13:40.171
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {990BB433-CB5B-4429-B62F-C18195BB3DFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-06-09 17:10:48.096
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {55460A71-8F57-42A1-B136-81826AD2A619}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-06-08 13:40:46.436
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {503F555D-022A-4652-99AA-AA0EC08BC653}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-06-08 12:44:24.932
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {720821AF-AE4E-42DC-ADEA-45F104758DBB}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-07-14 23:34:50.806
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.1860.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-07-14 23:34:50.806
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.1860.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-07-14 23:34:50.805
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.1860.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-07-14 23:34:50.795
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.1860.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2020-07-14 23:34:50.794
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.317.1860.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17100.2
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2019-08-18 08:56:13.932
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 08:56:13.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 08:55:58.322
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
Date: 2019-08-18 08:55:58.306
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. EAC71130 03/14/2011
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD MS-AC71
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 59%
Total physical RAM: 8174.64 MB
Available physical RAM: 3301.48 MB
Total Virtual: 9454.64 MB
Available Virtual: 3041.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.53 GB) (Free:168.93 GB) NTFS
\\?\Volume{d25b8eee-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{d25b8eee-0000-0000-0000-10c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: D25B8EEE)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=517 MB) - (Type=27)
==================== End of Addition.txt =======================