Please check my log

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

#1 Post by Pitrisek »

Hello, please check this FRST log. My father-in-law's PC is very slow and keeps freezing. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by Miloš Švrček (administrator) on MILOSSVRCEK-PC (Acer Aspire 5742G) (28-10-2021 11:22:40)
Running from C:\Users\Miloš Švrček\Desktop
Loaded Profiles: UpdatusUser & Miloš Švrček
Platform: Microsoft Windows 10 Home Version 2004 19041.1165 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [OM2_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [54576 2009-04-17] (OLYMPUS IMAGING CORP. -> OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3587155836-1829602570-1434191566-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] (Acer Incorporated -> )
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\Run: [OM2_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [95536 2009-04-17] (OLYMPUS IMAGING CORP. -> OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] (Acer Incorporated -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B96453E-AE7B-440D-B24B-E9C77AA108A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1723D7BF-0BE1-4E8C-ADCD-BAB7B150E099} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17DE4457-3918-4A0B-B9C5-F8BD1D85AD8C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1F2345FF-7A09-4671-99B0-2B1BBA3EEAED} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {22C4E66F-8F4A-4A41-A03A-E04616AFD2C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {298B5E20-D43C-4BD8-A832-FAFCE9D9A225} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {2B16955E-D0C9-40C9-B8D3-F0FBDBC31134} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {32258A9A-E058-4E69-9D2E-94D2218F0DDF} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {39D7430E-578D-4389-96D8-380A077D1A70} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {3A67E328-0409-4D48-B5D0-4989810B417E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3DB505EE-ADFF-4CFD-B13A-51733FA6A856} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3F9EB34B-1327-4B74-B9A1-563BF44BF8A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {41C61E50-0D74-4D35-9BE0-1D52260A543E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2018-11-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {426CECC7-B358-4704-B72D-B955873AC47C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {440AFBDE-50C6-4E02-AA03-9E1C2C627793} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4DB3DAFF-E386-4BAE-A5DC-B566BADC5675} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4DFDA5FA-3752-47CC-BD23-CEE9BD9A694E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F37EBEF-4909-4F88-9DAE-D7160FDACEBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AA15D01-53B7-4B3C-A195-CA8C537F1A4F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C3D7346-36E0-4229-AC69-7EF480388C4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {630A953C-DD28-4062-9B6B-59891823BB79} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {683370BA-146D-4BC5-A27F-C4F4510A64A9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {72D345AC-42E2-426E-A8A0-FB27523EAC7A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {73B38C1E-E61D-44B8-A633-8707FE14F81D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7FA8548E-914B-45D7-8BC0-552261854B0A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8168B0F3-8937-42E4-8074-9420F6E2185A} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {8BA40CA5-E532-4343-81C2-348C4803C3CB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {97C4B3D0-7BAF-4AFD-B801-65775B8C2736} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {98CACF22-8626-4E2D-AD81-8782632A5C7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A1DF1EE6-EC76-4A21-92B7-BD15448863FB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A305004B-69AD-4263-A240-6718B89FAC53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A68A1BAB-E414-4DCE-BF3C-54ABA6F2064D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB95C8CE-9AA5-4AC6-800C-6DB11E07E1B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFB25BEF-068E-4B8C-BEEB-A7DF3C9E4457} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B58FF814-5BCD-4134-8D9A-8306730221B0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8433DAE-E6B1-4A65-9BCC-517D291CAB5D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C0E89374-6130-4A3C-8037-AA476758CB52} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C2297531-A7CF-4372-A52A-2C64264AC04E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {CABE7186-1E90-4E33-90DC-283C6799BD09} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {D4EB7A14-37E1-4672-9717-AEE5A9B42AC2} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DB376CBD-0C15-4945-89A9-BFB063ADA68D} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {DCB97122-A9B3-489F-B58C-A761EB24D342} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E04884FF-9CD1-450C-AF0B-35592A70C89F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {E2B3A6F7-6170-4ED5-ACFE-D3B0D789D3E6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E3C9680D-BA2B-4BFA-AC08-377FEB061A5C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E75DD301-97BC-4832-868B-76224494B252} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EBC2468D-5A47-4458-8E38-4784B770306D} - System32\Tasks\avastBCLRestartS-1-5-21-3587155836-1829602570-1434191566-1001 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0
Task: {EBDE37A3-9B4C-4BA1-8B18-A1462CC2B1DF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC9EA234-361A-42E3-9CEC-DF89ECC2C57B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {ECC3E516-3FA9-4915-9011-5F763FA1E137} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EE57812C-AA69-4D49-BBDE-F35856272F99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F2AAFC01-53A3-4AB7-AD71-D4F62D052626} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F34961B0-D940-4F3F-A108-AA7D3FC0BFD1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F956E7AC-F47F-427A-BC20-6AA441246A9C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F976E112-A7A0-4DF6-8B5C-967B49383AC9} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {FFE0F2AD-E7D5-40E7-8467-E56E7E116899} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{c5ae8c20-2cd8-4fd7-84df-388791f15ee1}: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{df9442e7-9059-45dc-8f14-1859f69e6b51}: [DhcpNameServer] 192.168.2.254

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miloš Švrček\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-28]

FireFox:
========
FF DefaultProfile: wpa7prw8.default
FF ProfilePath: C:\Users\Miloš Švrček\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default [2021-10-28]
FF Homepage: Mozilla\Firefox\Profiles\wpa7prw8.default -> hxxps//www.seznam.cz/?clid=22668
FF Extension: (Komponenta I.CA PKI Service) - C:\Users\Miloš Švrček\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\Extensions\icapkiservice@ica.cz.xpi [2021-08-03]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Miloš Švrček\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\Extensions\sp@avast.com.xpi [2019-03-29] [UpdateUrl:hxxps//firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF Extension: (Avast Online Security & Privacy) - C:\Users\Miloš Švrček\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\Extensions\wrc@avast.com.xpi [2021-10-28]
FF SearchPlugin: C:\Users\Miloš Švrček\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\searchplugins\seznam-avast.xml [2015-02-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-11-07] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-11-07] (Adobe Systems Incorporated -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-12-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [283904 2019-08-02] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264552 2016-02-09] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [186784 2016-02-09] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [170792 2016-02-09] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-18] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 MpKsl98fb3925; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9698A336-BBC2-48C5-9E73-860EDF934ABC}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 11:16 - 2021-10-28 11:22 - 000037794 _____ C:\Users\Miloš Švrček\Desktop\Addition.txt
2021-10-28 11:02 - 2021-10-28 11:27 - 000022483 _____ C:\Users\Miloš Švrček\Desktop\FRST.txt
2021-10-28 11:00 - 2021-10-28 11:25 - 000000000 ____D C:\FRST
2021-10-28 10:48 - 2021-10-28 10:57 - 002310656 _____ (Farbar) C:\Users\Miloš Švrček\Desktop\FRST64.exe
2021-10-28 10:39 - 2021-10-28 10:39 - 000000000 ___HD C:\$WinREAgent
2021-10-28 10:08 - 2021-10-28 10:08 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2021-10-28 10:03 - 2021-10-28 10:03 - 000000000 ____D C:\Users\Miloš Švrček\AppData\Local\OneDrive
2021-10-18 19:42 - 2021-10-18 19:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-28 11:22 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-28 11:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-28 10:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-28 10:32 - 2014-02-09 10:06 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-28 10:31 - 2016-11-20 01:23 - 000000000 ____D C:\Users\Miloš Švrček\AppData\LocalLow\Mozilla
2021-10-28 10:27 - 2021-01-04 22:33 - 001875876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-28 10:27 - 2019-12-07 16:41 - 000783098 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-28 10:27 - 2019-12-07 16:41 - 000172796 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-28 10:20 - 2021-01-04 22:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-28 10:20 - 2016-05-14 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-28 10:19 - 2021-01-04 22:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-28 10:19 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-28 10:08 - 2021-01-04 22:21 - 000000000 ____D C:\Users\DefaultAppPool
2021-10-28 09:52 - 2018-03-30 12:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-28 09:52 - 2016-05-10 19:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-10-28 09:52 - 2014-02-09 10:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-28 09:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-28 09:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-28 09:49 - 2013-08-15 06:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-28 09:49 - 2012-05-06 13:33 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-28 09:47 - 2021-01-16 08:35 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6e2d860b9fabc
2021-10-28 09:47 - 2021-01-04 22:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-18 19:42 - 2015-06-02 23:10 - 000005102 _____ C:\WINDOWS\wininit.ini
2021-10-18 19:42 - 2011-11-29 17:07 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-18 19:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-11 08:16 - 2020-12-13 00:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2016-03-07 00:18 - 2016-03-07 00:18 - 000000000 _____ () C:\Users\Miloš Švrček\AppData\Local\{E9CFEC60-559C-4D18-AE4C-AB665352B7BB}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Miloš Švrček (28-10-2021 11:29:51)
Running from C:\Users\Miloš Švrček\Desktop
Microsoft Windows 10 Home Version 2004 19041.1165 (X64) (2021-01-04 20:46:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3587155836-1829602570-1434191566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3587155836-1829602570-1434191566-503 - Limited - Disabled)
Guest (S-1-5-21-3587155836-1829602570-1434191566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3587155836-1829602570-1434191566-1063 - Limited - Enabled)
Miloš Švrček (S-1-5-21-3587155836-1829602570-1434191566-1001 - Administrator - Enabled) => C:\Users\Miloš Švrček
UpdatusUser (S-1-5-21-3587155836-1829602570-1434191566-1000 - Limited - Enabled) => C:\Users\UpdatusUser
WDAGUtilityAccount (S-1-5-21-3587155836-1829602570-1434191566-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
I.CA Maintenance (HKLM-x32\...\{A26EE07C-9196-4BB9-BB81-1608D0A99887}) (Version: 1.3.2.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.2.0) (Version: 1.3.2.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{A14460AC-0A70-4AE6-B159-1D4EEA921896}) (Version: 1.4.0.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.4.0.0) (Version: 1.4.0.0 - První certifikační autorita, a.s.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 93.0 (x64 cs)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-06] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-01] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-09-17] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-05-20] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2011-07-21 14:44 - 2010-03-03 08:37 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-07-21 14:44 - 2010-03-03 08:37 - 000077824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll
2011-07-21 14:44 - 2010-03-03 08:32 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-06-17 01:31 - 2011-06-17 01:31 - 000044544 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\agent_stub.dll
2011-06-17 02:14 - 2011-06-17 02:14 - 000327680 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IShadowS3.dll
2011-06-17 01:39 - 2011-06-17 01:39 - 000405504 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ISchedule.DLL
2011-06-17 01:38 - 2011-06-17 01:38 - 000044544 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\Pehook.DLL
2011-06-17 01:41 - 2011-06-17 01:41 - 000355328 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\SyncDll.DLL
2011-06-17 01:30 - 2011-06-17 01:30 - 000058368 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\VssAgent.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3587155836-1829602570-1434191566-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps//go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.proebiz.com -> hxxp://*.proebiz.com
IE trusted site: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\...\*.proebiz.com -> hxxps://*.proebiz.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-07 09:13 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3587155836-1829602570-1434191566-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.2.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Pitrisek
Model Visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Please check my log

#3 Post by Pitrisek »

I'm sending a photo of AdwCleaner after the scan. Unfortunately, the Clean and Repair button did not appear.

I'm sending the log from AdwCleaner:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-28-2021
# Duration: 00:00:40
# OS: Windows 10 Home
# Scanned: 32013
# Detected: 10


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.AcerGames Folder C:\Program Files (x86)\ACER GAMES
Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT
Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.GatewayMyBackup Folder C:\Program Files (x86)\NEWTECH INFOSYSTEMS
Preinstalled.GatewayMyBackup Registry HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-21-3587155836-1829602570-1434191566-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Attachments
AdwCleaner.jpg (45.31 KiB)

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

The Preinstalled items are harmless utilities from Acer, and otherwise it found nothing. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {17DE4457-3918-4A0B-B9C5-F8BD1D85AD8C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {32258A9A-E058-4E69-9D2E-94D2218F0DDF} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3DB505EE-ADFF-4CFD-B13A-51733FA6A856} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3F9EB34B-1327-4B74-B9A1-563BF44BF8A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {426CECC7-B358-4704-B72D-B955873AC47C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {440AFBDE-50C6-4E02-AA03-9E1C2C627793} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C3D7346-36E0-4229-AC69-7EF480388C4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {630A953C-DD28-4062-9B6B-59891823BB79} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {97C4B3D0-7BAF-4AFD-B801-65775B8C2736} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {98CACF22-8626-4E2D-AD81-8782632A5C7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A305004B-69AD-4263-A240-6718B89FAC53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B8433DAE-E6B1-4A65-9BCC-517D291CAB5D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C2297531-A7CF-4372-A52A-2C64264AC04E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EC9EA234-361A-42E3-9CEC-DF89ECC2C57B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE57812C-AA69-4D49-BBDE-F35856272F99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F34961B0-D940-4F3F-A108-AA7D3FC0BFD1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Pitrisek
Model Visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Please check my log

#5 Post by Pitrisek »

Log after the fix in FRST:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Miloš Švrček (28-10-2021 18:13:00) Run:1
Running from C:\Users\Miloš Švrček\Desktop
Loaded Profiles: UpdatusUser & Miloš Švrček
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {17DE4457-3918-4A0B-B9C5-F8BD1D85AD8C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {32258A9A-E058-4E69-9D2E-94D2218F0DDF} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3DB505EE-ADFF-4CFD-B13A-51733FA6A856} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3F9EB34B-1327-4B74-B9A1-563BF44BF8A7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {426CECC7-B358-4704-B72D-B955873AC47C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {440AFBDE-50C6-4E02-AA03-9E1C2C627793} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C3D7346-36E0-4229-AC69-7EF480388C4F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {630A953C-DD28-4062-9B6B-59891823BB79} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {97C4B3D0-7BAF-4AFD-B801-65775B8C2736} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {98CACF22-8626-4E2D-AD81-8782632A5C7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A305004B-69AD-4263-A240-6718B89FAC53} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B8433DAE-E6B1-4A65-9BCC-517D291CAB5D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C2297531-A7CF-4372-A52A-2C64264AC04E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EC9EA234-361A-42E3-9CEC-DF89ECC2C57B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE57812C-AA69-4D49-BBDE-F35856272F99} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F34961B0-D940-4F3F-A108-AA7D3FC0BFD1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\DumpStack.log.tmp
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3587155836-1829602570-1434191566-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17DE4457-3918-4A0B-B9C5-F8BD1D85AD8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17DE4457-3918-4A0B-B9C5-F8BD1D85AD8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32258A9A-E058-4E69-9D2E-94D2218F0DDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32258A9A-E058-4E69-9D2E-94D2218F0DDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DB505EE-ADFF-4CFD-B13A-51733FA6A856}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DB505EE-ADFF-4CFD-B13A-51733FA6A856}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F9EB34B-1327-4B74-B9A1-563BF44BF8A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F9EB34B-1327-4B74-B9A1-563BF44BF8A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{426CECC7-B358-4704-B72D-B955873AC47C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{426CECC7-B358-4704-B72D-B955873AC47C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{440AFBDE-50C6-4E02-AA03-9E1C2C627793}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{440AFBDE-50C6-4E02-AA03-9E1C2C627793}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C3D7346-36E0-4229-AC69-7EF480388C4F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C3D7346-36E0-4229-AC69-7EF480388C4F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{630A953C-DD28-4062-9B6B-59891823BB79}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{630A953C-DD28-4062-9B6B-59891823BB79}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97C4B3D0-7BAF-4AFD-B801-65775B8C2736}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97C4B3D0-7BAF-4AFD-B801-65775B8C2736}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98CACF22-8626-4E2D-AD81-8782632A5C7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98CACF22-8626-4E2D-AD81-8782632A5C7E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A305004B-69AD-4263-A240-6718B89FAC53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A305004B-69AD-4263-A240-6718B89FAC53}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8433DAE-E6B1-4A65-9BCC-517D291CAB5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8433DAE-E6B1-4A65-9BCC-517D291CAB5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2297531-A7CF-4372-A52A-2C64264AC04E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2297531-A7CF-4372-A52A-2C64264AC04E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC9EA234-361A-42E3-9CEC-DF89ECC2C57B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC9EA234-361A-42E3-9CEC-DF89ECC2C57B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE57812C-AA69-4D49-BBDE-F35856272F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE57812C-AA69-4D49-BBDE-F35856272F99}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F34961B0-D940-4F3F-A108-AA7D3FC0BFD1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F34961B0-D940-4F3F-A108-AA7D3FC0BFD1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => not found
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MWLIVShellExt => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3587155836-1829602570-1434191566-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29466641 B
Java, Flash, Steam htmlcache => 1199 B
Windows/system/drivers => 22089080 B
Edge => 3363781 B
Firefox => 205865036 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8144 B
NetworkService => 588197982 B
UpdatusUser => 588197982 B
Miloš Švrček => 749973883 B
DefaultAppPool => 749973883 B

RecycleBin => 1971 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-10-2021 18:19:04)

C:\DumpStack.log.tmp => Could not move

Result of scheduled keys to remove after reboot:

HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => could not remove, key could be protected

==== End of Fixlog 18:19:45 ====

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Deleted. Has the PC sped up?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Please check my log

#7 Post by Pitrisek »

Yes, starting up, shutting down and opening folders on the PC have become faster; unfortunately, opening the Firefox web browser takes a very long time. Thank you

Rudy
Site Admin
Posts: 118715
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Run these utilities one after another:

1. Download Zoek.exe from https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;




Then click Run Script
The PC will perform the repair, restart and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch, the licence terms are displayed; press any key
•A backup will be created, followed by a search
•The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here.

Pitrisek
Model visitor
Posts: 149
Registered: 17 Mar 2006 11:56

Re: Please check my log

#9 Post by Pitrisek »

Zoek log:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Miloç ćvrźek on p  29.10.2021 at 13:41:42,56.
Microsoft Windows 10 Home 10.0.19041 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\MILOVR~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.10.2021 14:10:03 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\Symantec deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\MILOVR~1\AppData\Local\ActiveSync deleted successfully
C:\Users\MILOVR~1\AppData\Local\DBG deleted successfully
C:\Users\MILOVR~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\MILOVR~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\MILOVR~1\AppData\Local\EmieUserList deleted successfully
C:\Users\MILOVR~1\AppData\Local\NetworkTiles deleted successfully
C:\Users\MILOVR~1\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3587155836-1829602570-1434191566-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-3587155836-1829602570-1434191566-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\MILOVR~1\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");

Added to C:\Users\MILOVR~1\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MILOVR~1\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default

user.js not found
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", false);
---- FireFox user.js and prefs.js backups ----

prefs_29.10.2021_1448_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\Users\MILOVR~1\AppData\Local\cache deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3587155836-1829602570-1434191566-1001 deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\Syswow64\SET8865.tmp deleted
"C:\Users\MILOVR~1\AppData\Local\{E9CFEC60-559C-4D18-AE4C-AB665352B7BB}" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\MILOVR~1\AppData\Local\AVAST Software\Avast\datascan.json" not deleted
"C:\Users\MILOVR~1\AppData\Local\AVAST Software" not deleted
"C:\Users\MILOVR~1\AppData\Local\AVAST Software\Avast" not deleted
"C:\Users\MILOVR~1\AppData\Local\AVAST Software\Avast\Bodyguard" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\MILOVR~1\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\MILOVR~1\AppData\Roaming\Mozilla\Firefox\Profiles\wpa7prw8.default
- Undetermined - %ProfilePath%\extensions\icapkiservice@ica.cz.xpi
- Undetermined - %ProfilePath%\extensions\wrc@avast.com.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\MILOVR~1\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\MILOVR~1\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\MILOVR~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\MILOVR~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MILOVR~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\MILOVR~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\MILOVR~1\AppData\Local\Mozilla\Firefox\Profiles\wpa7prw8.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\MILOVR~1\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=42 folders=165 7901011 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Miloç ćvrźek (Administrator) on p  29.10.2021 at 16:18:59,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  29.10.2021 at 16:22:05,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Rudy
Site Admin
Posts: 118715
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Cleaned up. Has the situation improved?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Please check my log

#11 Post by Pitrisek »

Yes, the PC's condition has improved considerably, even though AVAST caught some virus. Thank you very much for the help.

Re: Please check my log

#12 Post by Rudy »

Which virus did Avast catch?

Re: Please check my log

#13 Post by Pitrisek »

Hello, I am very sorry that I did not get back to you sooner; since my father-in-law lives at the other end of the country, we resolved it with an alternative solution.

Thank you very much for the help.

Re: Please check my log

#14 Post by Rudy »

OK, and you're welcome! :)
