Log check: pages are loading badly for me, some not at all

#1 Post by F7R »

Hello. Pages are loading badly for me, some not at all; it says the server did not respond in time and so on.
I don't use an antivirus; I thought it was unnecessary these days as long as I don't click on some porn clickbait.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by XXX (administrator) on XXX-PC (LENOVO 4384FV7) (21-09-2021 16:13:40)
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Maxthon Technology Co, Ltd. -> Maxthon Ltd.) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE <3>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9123248 2021-09-20] (Lavasoft Software Canada Inc. -> Lavasoft)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-630 Series 64MonitorBE: C:\Windows\system32\E_YLMBPLE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07F9EF7A-1F22-4511-B818-EE6362BBBCAC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-555042887-2286466740-3098252512-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {29FF17AC-EA42-4AEB-BE92-127890972074} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {2F81CFBE-2693-40B6-9754-B4FAB9153B89} - System32\Tasks\{72473BEC-643F-463F-AFB7-46DED0B91711} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\Desktop\DialogysInstall_PC.exe -d C:\Users\XXX\Desktop
Task: {3B91FC34-0AB6-4843-9DCE-5731B3407464} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {46249C69-1762-409D-8318-3279892DBA49} - System32\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {49517535-8100-4FA3-AD29-D9AB16CF6F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6628056 2016-01-15] (Piriform Ltd -> Piriform Ltd)
Task: {50110C47-559A-4DD3-8B4B-D80E5195AFAD} - System32\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {58DC4A38-9466-443F-B8AA-903E49316E4C} - System32\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
Task: {968F1CAD-5227-4345-9FA0-6C6F5E95C3B4} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {B0C00EAD-68F6-44BB-88EC-A2302D4B1D30} - System32\Tasks\{5CC936AD-914B-404D-B40F-5FC717E65481} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin\MGS2SSetup.exe" -d "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin"
Task: {B2ABA462-A170-4CEC-9206-31F92E4AD5F7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {B95E45FA-6E22-4186-8D04-AE8DB0A689AA} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [593920 2013-09-25] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{326805B2-8C58-4D3D-A4E5-E90D3768C8D5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{4AAB39D2-890A-4DC4-B515-785176BC5786} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{C5E4CE44-5ED1-48B5-8A3C-4952643C058B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{362D3F70-6BF6-47E7-B731-78954894A20C}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\XXX\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-21]
Edge Notifications: Profile 1 -> hxxps://meet.google.com

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-02-24] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-08] (Lenovo -> Lenovo)
R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-09-20] (Lavasoft Software Canada Inc. -> )
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [11871976 2016-08-23] (DISPLAYLINK -> DisplayLink Corp.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2019-05-08] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo -> Lenovo.)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-04-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [934328 2020-04-27] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2021-09-20] (Lavasoft Software Canada Inc. -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2021-09-20] (Bitdefender SRL -> Bitdefender)
R2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Information Product(ShenZhen China) Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\rsit
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\Program Files\trend micro
2021-09-21 16:13 - 2021-09-21 16:18 - 000018118 _____ C:\Users\XXX\Desktop\FRST.txt
2021-09-21 16:13 - 2021-09-21 16:13 - 001222144 _____ C:\Users\XXX\Desktop\RSITx64.exe
2021-09-21 16:09 - 2021-09-21 16:09 - 002304512 _____ (Farbar) C:\Users\XXX\Desktop\FRST64.exe
2021-09-21 15:53 - 2021-09-21 16:16 - 000000000 ____D C:\FRST
2021-09-21 15:39 - 2021-09-21 15:39 - 000388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HijackThis.exe
2021-09-21 14:58 - 2021-09-21 14:58 - 000002296 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000002259 _____ C:\Users\XXX\Desktop\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Roaming\VBox
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\vback
2021-09-21 14:57 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\Maxthon
2021-09-20 07:44 - 2021-09-20 07:44 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-09-19 14:18 - 2021-09-19 15:53 - 000000000 ____D C:\Users\XXX\Downloads\Alphaville - First Harvest 1984 1992
2021-09-19 10:27 - 2021-09-19 09:33 - 124298470 _____ C:\Users\XXX\Desktop\06.-New Year's Day.flac
2021-09-02 09:27 - 2021-09-02 09:27 - 000001054 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Program Files (x86)\BurnAware Free

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 16:02 - 2020-02-24 14:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-21 16:02 - 2020-02-24 14:02 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job
2021-09-21 16:01 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-21 15:45 - 2020-11-08 22:45 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job
2021-09-21 15:39 - 2020-02-08 19:16 - 000000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2021-09-21 14:57 - 2020-02-24 13:57 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job
2021-09-21 14:48 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-21 14:48 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-21 14:27 - 2020-02-20 14:08 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-21 13:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-19 16:01 - 2020-02-25 13:42 - 000001491 _____ C:\Users\XXX\Desktop\AudioExtractor.ini
2021-09-19 15:56 - 2021-04-26 11:13 - 000000000 ____D C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 09:01 - 2020-07-01 16:29 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-19 09:01 - 2020-07-01 16:29 - 000002180 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-15 15:34 - 2020-02-24 19:29 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 15:29 - 2020-02-24 19:29 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-06 14:19 - 2020-02-09 12:03 - 000000000 ____D C:\Users\XXX\My Drivers
2021-09-01 12:00 - 2020-12-23 14:18 - 000000000 ____D C:\SWSHARE
2021-08-30 22:45 - 2020-02-24 17:56 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40 - 2009-07-14 17:18 - 000668376 _____ C:\Windows\system32\perfh005.dat
2021-08-24 16:40 - 2009-07-14 17:18 - 000141004 _____ C:\Windows\system32\perfc005.dat
2021-08-24 16:40 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2020-09-18 11:27 - 2020-09-18 11:27 - 000195296 _____ () C:\Users\XXX\comcat5.dll
2020-04-08 11:23 - 2020-04-08 13:25 - 000001576 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2020-04-08 11:23 - 2020-04-08 11:23 - 000000840 _____ () C:\Program Files (x86)\INSTALL.LOG
2020-04-08 11:23 - 2014-09-12 13:01 - 000176055 _____ () C:\Program Files (x86)\UninstScript.EXE
2020-12-23 11:55 - 2020-12-23 12:18 - 000013797 _____ () C:\Users\XXX\AppData\Local\WiDiSetupLog.20201223.105508.wdl

==================== FLock ==============================

2020-12-23 14:37 C:\RRbackups

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-19 16:22
==================== End of FRST.txt ========================


Logfile of random's system information tool 1.10 (written by random/random)
Run by XXX at 2021-09-21 16:14:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 90 GB (30%) free of 303 GB
Total RAM: 5940 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:29, on 21.9.2021
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\XXX.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho.dll
O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-630 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-630 Series"
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\Run: [EPSDNMON] ""
O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE /EPT "EPLTarget\P0000000000000002" /M "XP-630 Series"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-555042887-2286466740-3098252512-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-555042887-2286466740-3098252512-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Connect2 Hotspot Service (connect2hotspot) - Lenovo - C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
O23 - Service: DCIService - - C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: EPSON V3 Service4(06) (EPSON_PM_RPCV4_06) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Qualcomm Gobi 2000 Download Service (Lenovo) (QDLService2kLenovo) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile USB Connectivity Launcher (ss_conn_launcher_service) - Unknown owner - C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: SAMSUNG Mobile Connectivity Service V2 (ss_conn_service2) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WC Assistant (WCAssistantService) - Unknown owner - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9501 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\LPlatSvc.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\LPlatSvc.exe" -EM
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9a01b958-501c-4daa-8c9b-9def8f5a808f -SystemEventPortName:HostProcess-ecc18278-3157-48fc-b254-dbd69059ac1a -IoCancelEventPortName:HostProcess-2ecade95-2d3d-42d8-b764-fc8d6e8c2d50 -NonStateChangingEventPortName:HostProcess-748a65b5-8859-49f5-9aa5-ab9ebf9cb178 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3e908f06-1663-4c3e-bbce-653bd355d5c5 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe" -dluPipeName dl.dlu.s3PULntKOo89YaUZMvXzmyW5g2TwTUr3u2xtQ1XWzu4CD0Ox2dPv1S1faO2hdea8 -monitorableAppPipeName dl.monitorable.app.SLAOKuflbxYTIiGqOeNjQSG8GfwHN42Mx2onFSeho0IeRiFB53Caq11dEifI0vt9
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe" -monitorableAppPipeName dl.monitorable.app.CnIrvWT7Qnctdvn6JtlpeQYEh5d97aadYVFV1LYc6u27NEDxyCgZd2GNMZxZkqtp
"C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe"
taskeng.exe {98D61294-A45F-494C-9D3C-60AE83103CF1}
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\splwow64.exe 8192
"C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-630 Series"
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000001" /M "XP-630 Series"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" --minimize
"C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE" /EPT "EPLTarget\P0000000000000002" /M "XP-630 Series"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\EscSvc64.exe
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE"
"C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe --type=crashpad-handler "--user-data-dir=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data\Crashpad" "--metrics-dir=C:\Users\XXX\AppData\Local\Maxthon\Application\User Data" --annotation=plat=Win64 --annotation=prod=Maxthon --annotation=ver=6.1.2.1000 --initial-client-data=0xc4,0xc8,0xcc,0x98,0xd0,0x7fee49170c8,0x7fee49170d8,0x7fee49170e8
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=gpu-process --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --no-sandbox --start-stack-profiler --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1124 /prefetch:2
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=network --no-sandbox --mojo-platform-channel-handle=1328 /prefetch:8
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=utility --no-sandbox --mojo-platform-channel-handle=1760 /prefetch:8
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --service-sandbox-type=utility --no-sandbox --mojo-platform-channel-handle=2312 /prefetch:8
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --extension-process --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3152 /prefetch:1
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"

"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Windows\system32\sppsvc.exe
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\XXX\Desktop\FRST64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1424 /prefetch:1
"C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --type=renderer --no-sandbox --field-trial-handle=1120,4344957839458997396,2002663198858407903,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3876 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\XXX\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

======Scheduled tasks folder======

C:\Windows\tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{326805B2-8C58-4D3D-A4E5-E90D3768C8D5}" /F:"Update"
C:\Windows\tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{4AAB39D2-890A-4DC4-B515-785176BC5786}" /F:"Update"
C:\Windows\tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job - C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE /EXE:"{C5E4CE44-5ED1-48B5-8A3C-4952643C058B}" /F:"Update"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho_64.dll [2021-09-16 524176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\BHO\ie_to_edge_bho.dll [2021-09-16 406928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}]
E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31 471536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27 238576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EPPCCMON"=C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [2020-10-22 442936]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-12-22 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-12-22 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-12-22 416024]
"Enhanced Performance Keyboard"=C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [2014-08-17 4013056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-15 307768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [2021-09-20 9123248]
"EPSDNMON"= []
"EPLTarget\P0000000000000002"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [2014-11-14 417776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2016-01-20 1087184]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2020-02-09 455872]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-05-21 389632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-09-21 16:14:28 ----D---- C:\rsit
2021-09-21 16:14:28 ----D---- C:\Program Files\trend micro
2021-09-21 15:53:09 ----D---- C:\FRST
2021-09-21 14:58:41 ----D---- C:\Users\XXX\AppData\Roaming\VBox
2021-09-20 07:44:04 ----A---- C:\Windows\system32\drivers\bddci.sys
2021-09-02 09:27:24 ----D---- C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27:02 ----D---- C:\Program Files (x86)\BurnAware Free

======List of files/folders modified in the last 1 month======

2021-09-21 16:14:28 ----RD---- C:\Program Files
2021-09-21 16:10:55 ----SHD---- C:\System Volume Information
2021-09-21 16:07:18 ----D---- C:\Windows\Temp
2021-09-21 16:02:16 ----D---- C:\Program Files (x86)\TeamViewer
2021-09-21 15:55:33 ----D---- C:\Windows\system32\config
2021-09-21 14:37:16 ----D---- C:\Windows
2021-09-21 14:27:59 ----D---- C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:27:40 ----RD---- C:\Program Files (x86)
2021-09-21 14:27:28 ----D---- C:\Windows\system32\Tasks
2021-09-21 14:15:17 ----D---- C:\Windows\system32\NDF
2021-09-21 14:15:17 ----D---- C:\Windows\Prefetch
2021-09-21 13:59:51 ----D---- C:\Windows\inf
2021-09-21 09:19:01 ----D---- C:\Windows\debug
2021-09-20 07:44:07 ----D---- C:\Windows\system32\drivers
2021-09-20 07:40:09 ----D---- C:\Windows\system32\wdi
2021-09-19 15:56:26 ----D---- C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 15:55:40 ----D---- C:\Windows\SysWOW64
2021-09-19 15:55:40 ----D---- C:\Windows\System32
2021-09-15 15:30:09 ----D---- C:\Windows\system32\MRT
2021-09-15 15:29:41 ----AC---- C:\Windows\system32\MRT.exe
2021-09-01 12:00:18 ----D---- C:\SWSHARE
2021-08-30 22:45:38 ----N---- C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40:24 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 dlkmdldr;dlkmdldr; C:\Windows\system32\drivers\dlkmdldr.sys [2016-08-23 27920]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-10-29 30496]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 BdDci;BdDci Service; C:\Windows\system32\DRIVERS\bddci.sys [2021-09-20 367096]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2012-07-03 84480]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2020-02-25 54824]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-08-25 682624]
R3 dlkmd;dlkmd; C:\Windows\system32\drivers\dlkmd.sys [2016-08-23 457488]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2011-07-20 342704]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-02-19 57848]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2017-04-01 82816]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-05-21 12229664]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2020-12-23 40248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2011-08-30 1225832]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-07-28 45296]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-07-28 461552]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2011-05-30 40248]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2020-04-27 136040]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-25 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ss_conn_usb_driver2;SAMSUNG Mobile USB Connectivity Device Driver V2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [2020-04-27 43368]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2020-04-27 166760]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2019-12-10 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 connect2hotspot;Connect2 Hotspot Service; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [2017-02-08 100680]
R2 DCIService;DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [2021-09-20 3413424]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DisplayLinkService;DisplayLinkManager; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [2016-08-23 11871976]
R2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [2013-04-15 152640]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [2019-05-08 685496]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2012-05-17 144560]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2017-04-01 187984]
R2 LPlatSvc;Lenovo Platform Service; C:\Windows\system32\LPlatSvc.exe [2017-04-01 711248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-29 893216]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-29 1260320]
R2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo); C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2011-05-23 1688384]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-10-19 838928]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2020-04-27 752224]
R2 ss_conn_service2;SAMSUNG Mobile Connectivity Service V2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [2020-04-27 934328]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2021-09-02 13271336]
R2 WCAssistantService;WC Assistant; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [2021-09-20 22960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-01 224152]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-01 224152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\93.0.961.52\elevation_service.exe [2021-09-16 1651616]
S3 ss_conn_launcher_service;SAMSUNG Mobile USB Connectivity Launcher; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [2020-04-27 182328]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [2013-09-25 1526120]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2020-02-24 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2010-08-31 1028096]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#2 Post by Rudy »

Hello!
Please also add the Addition log (it is on the desktop in the file addition.txt). Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

F7R
Visitor
Visitor
Posts: 49
Registered: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#3 Post by F7R »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 16:26:09)
Running from C:\Users\XXX\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-08 17:15:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-555042887-2286466740-3098252512-500 - Administrator - Disabled)
Guest (S-1-5-21-555042887-2286466740-3098252512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-555042887-2286466740-3098252512-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-555042887-2286466740-3098252512-1003 - Limited - Enabled) => C:\Users\UpdatusUser
XXX (S-1-5-21-555042887-2286466740-3098252512-1000 - Administrator - Enabled) => C:\Users\XXX

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AT&T Service Activation (HKLM-x32\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
BurnAware Free 14.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.848.0 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayLink Core Software (HKLM\...\{89AEA34A-171E-4753-B888-C0D410C2CE44}) (Version: 8.0.778.0 - DisplayLink Corp.)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.84.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2401 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
IUWEshare USB Flash Drive Data Recovery 7.9.9.9 (HKLM-x32\...\IUWEshare USB Flash Drive Data Recovery 7.9.9.9_is1) (Version: - IUWEshare)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden
Lenovo USB Graphics (HKLM\...\{933E6021-BC9A-4B18-B6D9-46A5F5FC4115}) (Version: 8.0.835.0 - Lenovo)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Maxthon (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mobile Broadband Connect (HKLM-x32\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo)
NVIDIA Ovladače grafiky 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 1.7.16572 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Qualcomm Gobi 2000 Package for Lenovo (HKLM-x32\...\{666C9123-1AEC-446F-8AA8-28256B1953D4}) (Version: 1.1.250 - QUALCOMM)
Rescue and Recovery (HKLM-x32\...\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}) (Version: 4.52.0005.00 - Lenovo Group Limited)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.28.0 - Samsung Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.20113.5 - Samsung Electronics Co., Ltd.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.8 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17394396DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Web Companion (HKLM-x32\...\{def7532f-2660-4e43-b706-f4dfdf250720}) (Version: 8.5.0.312 - Lavasoft)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-555042887-2286466740-3098252512-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\XXX\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-01-15 22:44 - 2016-01-15 22:44 - 000047616 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2015-02-25 15:36 - 2015-02-25 15:36 - 000058880 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skhooks.dll
2014-08-15 16:25 - 2014-08-15 16:25 - 000057856 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKHidKbd.dll
2006-12-05 15:40 - 2006-12-05 15:40 - 000059904 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skosd.dll
2008-10-22 16:20 - 2008-10-22 16:20 - 000138240 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKUtil.DLL
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-555042887-2286466740-3098252512-1000 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{7D67F62F-2BA0-4FF9-80AE-D326D4BE690C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6926BE57-48E6-49FA-A296-335F146D96DF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{7DFE09C3-6864-495A-A3EF-77D3A2DB763D}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{86A09A9A-60A6-462E-A762-49AED13893D5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{284C3D9C-4A25-4A13-A982-3B2198FC8D58}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{13927131-E4F9-41C2-93DD-04950FEB769C}] => (Allow) C:\Users\XXX\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{871ED391-5A71-48B8-9B9E-2B98A6CC8FBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{00E9DC41-460F-4024-989A-11D109BB2856}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9E40D386-7F7B-448B-B81C-AD814D2E733B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A7F456D-4E01-468F-851A-74EF3684B5D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3BEA038D-1B59-40E9-B551-25B5EC161D11}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76BE50F8-1CA5-43B6-BCC6-C17D70467229}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CBB7380F-9FEC-424E-9164-8F9522F4C7E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADC17498-BC38-4EBE-B66C-64F047C35FD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CEF79BF-0736-446B-8F26-DE16769CCF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BF6FAF57-AC1C-408F-9001-6BF71500492A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F61E3A6F-ACB2-4B20-8C5E-5D54B2DF1376}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{71BA67F0-E50F-4CD5-BB0E-CEC2C1DB2FA2}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{10DC4035-8F5D-447A-973D-4F7964259756}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{69C00D4E-C50E-4D13-A252-B662624C36E5}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)

==================== Restore Points =========================

14-09-2021 15:38:44 Naplánovaný kontrolní bod
15-09-2021 15:28:45 Windows Update
19-09-2021 08:43:24 Windows Update
21-09-2021 14:25:47 Revo Uninstaller's restore point - MX5

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 03:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.9.2021.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 13c4

Čas spuštění: 01d7aef00028420a

Čas ukončení: 2

Cesta k aplikaci: C:\Users\XXX\Downloads\FRST64.exe

ID hlášení: 6375dab9-1ae3-11ec-abda-889ffaf583f8

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:37:44 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 02:33:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (09/21/2021 04:13:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (09/21/2021 04:13:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 04:08:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba NVIDIA Update Service Daemon přestala během spouštění reagovat.

Error: (09/21/2021 03:42:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (09/21/2021 03:42:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 02:50:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (09/21/2021 02:38:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Connect2 Hotspot Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/21/2021 02:38:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Connect2 Hotspot Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2021-04-26 09:38:50.500
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{A0077DBA-7632-4B8B-AE90-ECCE7E5F0E3E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-07-08 13:46:11.190
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BC9E8BC5-61A9-4A91-959B-3899005B7795}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-02-24 21:21:02.063
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1E1630B-ED6F-4590-BF61-76DFED615DED}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:XXX-PC\XXX

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.228
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.227
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:20:40.239
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: LENOVO 6MET81WW (1.41 ) 10/26/2010
Motherboard: LENOVO 4384FV7
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 83%
Total physical RAM: 5939.67 MB
Available physical RAM: 950.97 MB
Total Virtual: 11877.49 MB
Available Virtual: 6480.6 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:295.98 GB) (Free:87.77 GB) NTFS
Drive d: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

\\?\Volume{e4a7b4c5-4a95-11ea-ad6d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6479A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#4 Post by Rudy »

OK. Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

F7R
Visitor
Posts: 49
Registered: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#5 Post by F7R »

the log file was there after the cleaning

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-21-2021
# Duration: 00:01:08
# OS: Windows 7 Home Premium
# Cleaned: 36
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\XXX\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\XXX\AppData\Roaming\DRPSu
Deleted C:\Users\XXX\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{def7532f-2660-4e43-b706-f4dfdf250720}|UninstallString
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\Program Files\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted Preinstalled.EpsonCustomerResearchParticipation Folder C:\ProgramData\EPSON\EPSONCUSTOMERRESEARCHPARTICIPATION
Deleted Preinstalled.EpsonCustomerResearchParticipation Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B26449A6-6007-4460-B4FE-C4776115BCEA}
Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\ACTIVE UPDATE
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BDB3E73F-5ECA-441D-96E1-F1CFCF3D427D}
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\Public\Desktop\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch File C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Program Files (x86)\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\XXX\AppData\Roaming\SAMSUNG\SMART SWITCH PC
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}
Deleted Preinstalled.SamsungSmartSwitch Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5158 octets] - [21/09/2021 18:03:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118191
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#6 Post by Rudy »

OK. Post new FRST+Addition logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

F7R
Visitor
Posts: 49
Joined: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#7 Post by F7R »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2021
Ran by XXX (administrator) on XXX-PC (LENOVO 4384FV7) (21-09-2021 19:27:22)
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUI.exe
(DISPLAYLINK -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkUserAgent.exe
(Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe <2>
(LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\Skdaemon.exe
(Maxthon Technology Co, Ltd. -> Maxthon Ltd.) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe <12>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPLE.EXE <3>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [Enhanced Performance Keyboard] => C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe [4013056 2014-08-17] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-02-09] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPLE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-630 Series 64MonitorBE: C:\Windows\system32\E_YLMBPLE.DLL [180224 2014-03-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA CORPORATION -> NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07F9EF7A-1F22-4511-B818-EE6362BBBCAC} - System32\Tasks\Games\UpdateCheck_S-1-5-21-555042887-2286466740-3098252512-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {29FF17AC-EA42-4AEB-BE92-127890972074} - System32\Tasks\TVT\ChangePWD => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {2F81CFBE-2693-40B6-9754-B4FAB9153B89} - System32\Tasks\{72473BEC-643F-463F-AFB7-46DED0B91711} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\Desktop\DialogysInstall_PC.exe -d C:\Users\XXX\Desktop
Task: {3B91FC34-0AB6-4843-9DCE-5731B3407464} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {46249C69-1762-409D-8318-3279892DBA49} - System32\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {49517535-8100-4FA3-AD29-D9AB16CF6F46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6628056 2016-01-15] (Piriform Ltd -> Piriform Ltd)
Task: {50110C47-559A-4DD3-8B4B-D80E5195AFAD} - System32\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {58DC4A38-9466-443F-B8AA-903E49316E4C} - System32\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
Task: {968F1CAD-5227-4345-9FA0-6C6F5E95C3B4} - System32\Tasks\TVT\LaunchRnR => C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrcmd.exe [1272168 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Limited Group Corporation)
Task: {B0C00EAD-68F6-44BB-88EC-A2302D4B1D30} - System32\Tasks\{5CC936AD-914B-404D-B40F-5FC717E65481} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin\MGS2SSetup.exe" -d "C:\Program Files (x86)\KONAMI\MetalGearSolid2 Substance\bin"
Task: {B2ABA462-A170-4CEC-9206-31F92E4AD5F7} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2014-07-28] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {B95E45FA-6E22-4186-8D04-AE8DB0A689AA} - System32\Tasks\TVT\UpdateRnR => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsetsched.exe [593920 2013-09-25] () [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{326805B2-8C58-4D3D-A4E5-E90D3768C8D5} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{4AAB39D2-890A-4DC4-B515-785176BC5786} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPLE.EXE:/EXE:{C5E4CE44-5ED1-48B5-8A3C-4952643C058B} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{362D3F70-6BF6-47E7-B731-78954894A20C}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\XXX\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-09-21]
Edge Notifications: Profile 1 -> hxxps://meet.google.com

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-02-24] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 connect2hotspot; C:\Program Files (x86)\Lenovo\Connect2\Connect2.Service.exe [100680 2017-02-08] (Lenovo -> Lenovo)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\8.0.778.0\DisplayLinkManager.exe [11871976 2016-08-23] (DISPLAYLINK -> DisplayLink Corp.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [711248 2017-04-01] (Lenovo -> Lenovo.)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-04-27] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [934328 2020-04-27] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited) [File not signed]
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1526120 2013-09-25] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Group Limited)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X]
S2 EpsonCustomerResearchParticipation; "C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2021-09-20] (Bitdefender SRL -> Bitdefender)
R2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-27] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Lenovo Information Product(ShenZhen China) Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 18:02 - 2021-09-21 18:04 - 000000000 ____D C:\AdwCleaner
2021-09-21 18:01 - 2021-09-21 18:02 - 008553680 _____ (Malwarebytes) C:\Users\XXX\Desktop\adwcleaner_8.3.0.exe
2021-09-21 17:07 - 2021-09-21 17:07 - 001342296 _____ (Google LLC) C:\Users\XXX\Desktop\ChromeSetup.exe
2021-09-21 16:19 - 2021-09-21 16:28 - 000029277 _____ C:\Users\XXX\Desktop\Addition.txt
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\rsit
2021-09-21 16:14 - 2021-09-21 16:15 - 000000000 ____D C:\Program Files\trend micro
2021-09-21 16:13 - 2021-09-21 19:29 - 000017002 _____ C:\Users\XXX\Desktop\FRST.txt
2021-09-21 16:13 - 2021-09-21 16:13 - 001222144 _____ C:\Users\XXX\Desktop\RSITx64.exe
2021-09-21 16:09 - 2021-09-21 16:09 - 002304512 _____ (Farbar) C:\Users\XXX\Desktop\FRST64.exe
2021-09-21 15:53 - 2021-09-21 19:27 - 000000000 ____D C:\FRST
2021-09-21 15:39 - 2021-09-21 15:39 - 000388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HijackThis.exe
2021-09-21 14:58 - 2021-09-21 14:58 - 000002296 _____ C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000002259 _____ C:\Users\XXX\Desktop\Maxthon.lnk
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Roaming\VBox
2021-09-21 14:58 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\vback
2021-09-21 14:57 - 2021-09-21 14:58 - 000000000 ____D C:\Users\XXX\AppData\Local\Maxthon
2021-09-20 07:44 - 2021-09-20 07:44 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-09-19 14:18 - 2021-09-19 15:53 - 000000000 ____D C:\Users\XXX\Downloads\Alphaville - First Harvest 1984 1992
2021-09-19 10:27 - 2021-09-19 09:33 - 124298470 _____ C:\Users\XXX\Desktop\06.-New Year's Day.flac
2021-09-02 09:27 - 2021-09-02 09:27 - 000001054 _____ C:\Users\Public\Desktop\BurnAware Free.lnk
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Burnaware
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free
2021-09-02 09:27 - 2021-09-02 09:27 - 000000000 ____D C:\Program Files (x86)\BurnAware Free

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-21 19:02 - 2020-02-24 14:02 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {4AAB39D2-890A-4DC4-B515-785176BC5786}.job
2021-09-21 18:57 - 2020-02-24 13:57 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {326805B2-8C58-4D3D-A4E5-E90D3768C8D5}.job
2021-09-21 18:45 - 2020-11-08 22:45 - 000000911 _____ C:\Windows\Tasks\EPSON XP-630 Series Update {C5E4CE44-5ED1-48B5-8A3C-4952643C058B}.job
2021-09-21 18:20 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-21 18:20 - 2009-07-14 06:45 - 000026176 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-21 18:14 - 2020-12-23 12:18 - 000000000 ____D C:\Users\UpdatusUser
2021-09-21 18:12 - 2020-02-24 14:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-21 18:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-21 18:05 - 2020-12-23 13:15 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-09-21 18:05 - 2020-06-26 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2021-09-21 18:05 - 2020-04-01 10:25 - 000000000 ____D C:\Users\XXX\AppData\Local\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\ProgramData\Lavasoft
2021-09-21 18:05 - 2020-04-01 10:24 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2021-09-21 18:05 - 2020-02-24 18:05 - 000000000 ____D C:\Program Files\EPSON
2021-09-21 18:05 - 2020-02-24 12:56 - 000000000 ____D C:\ProgramData\Epson
2021-09-21 18:04 - 2020-06-26 17:00 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Samsung
2021-09-21 18:04 - 2020-06-26 16:59 - 000000000 ____D C:\Program Files (x86)\Samsung
2021-09-21 17:24 - 2020-10-24 11:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-21 17:17 - 2020-10-24 11:59 - 000000000 ____D C:\Users\XXX\AppData\Local\Google
2021-09-21 15:39 - 2020-02-08 19:16 - 000000000 ____D C:\Users\XXX\AppData\Local\VirtualStore
2021-09-21 14:27 - 2020-02-20 14:08 - 000000000 ____D C:\Users\XXX\AppData\Roaming\Maxthon5
2021-09-21 14:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-09-21 13:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-09-19 16:01 - 2020-02-25 13:42 - 000001491 _____ C:\Users\XXX\Desktop\AudioExtractor.ini
2021-09-19 15:56 - 2021-04-26 11:13 - 000000000 ____D C:\Users\XXX\AppData\Roaming\uTorrent
2021-09-19 09:01 - 2020-07-01 16:29 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-19 09:01 - 2020-07-01 16:29 - 000002180 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-15 15:34 - 2020-02-24 19:29 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 15:29 - 2020-02-24 19:29 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-06 14:19 - 2020-02-09 12:03 - 000000000 ____D C:\Users\XXX\My Drivers
2021-09-01 12:00 - 2020-12-23 14:18 - 000000000 ____D C:\SWSHARE
2021-08-30 22:45 - 2020-02-24 17:56 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-24 16:40 - 2009-07-14 17:18 - 000668376 _____ C:\Windows\system32\perfh005.dat
2021-08-24 16:40 - 2009-07-14 17:18 - 000141004 _____ C:\Windows\system32\perfc005.dat
2021-08-24 16:40 - 2009-07-14 07:13 - 001582262 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories ========

2020-09-18 11:27 - 2020-09-18 11:27 - 000195296 _____ () C:\Users\XXX\comcat5.dll
2020-04-08 11:23 - 2020-04-08 13:25 - 000001576 _____ () C:\Program Files (x86)\DialogysUninstWPS.bat
2020-04-08 11:23 - 2020-04-08 11:23 - 000000840 _____ () C:\Program Files (x86)\INSTALL.LOG
2020-04-08 11:23 - 2014-09-12 13:01 - 000176055 _____ () C:\Program Files (x86)\UninstScript.EXE
2020-12-23 11:55 - 2020-12-23 12:18 - 000013797 _____ () C:\Users\XXX\AppData\Local\WiDiSetupLog.20201223.105508.wdl

==================== FLock ==============================

2020-12-23 14:37 C:\RRbackups

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-19 16:22
==================== End of FRST.txt ========================

F7R
Visitor
Posts: 49
Joined: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#8 Post by F7R »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 19:29:45)
Running from C:\Users\XXX\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2020-02-08 17:15:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-555042887-2286466740-3098252512-500 - Administrator - Disabled)
Guest (S-1-5-21-555042887-2286466740-3098252512-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-555042887-2286466740-3098252512-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-555042887-2286466740-3098252512-1003 - Limited - Enabled) => C:\Users\UpdatusUser
XXX (S-1-5-21-555042887-2286466740-3098252512-1000 - Administrator - Enabled) => C:\Users\XXX

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AT&T Service Activation (HKLM-x32\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
BurnAware Free 14.6 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.7.848.0 - Piriform Software) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Connect2 (HKLM-x32\...\Connect2_is1) (Version: 4.2.1.3973 - Lenovo)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisplayLink Core Software (HKLM\...\{89AEA34A-171E-4753-B888-C0D410C2CE44}) (Version: 8.0.778.0 - DisplayLink Corp.)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EPSON XP-630 Series Printer Uninstall (HKLM\...\EPSON XP-630 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2401 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.50.0000 - Intel Corporation)
IUWEshare USB Flash Drive Data Recovery 7.9.9.9 (HKLM-x32\...\IUWEshare USB Flash Drive Data Recovery 7.9.9.9_is1) (Version: - IUWEshare)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden
Lenovo USB Graphics (HKLM\...\{933E6021-BC9A-4B18-B6D9-46A5F5FC4115}) (Version: 8.0.835.0 - Lenovo)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Maxthon (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\Maxthon) (Version: 6.1.2.1000 - The Maxthon Authors)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Mobile Broadband Connect (HKLM-x32\...\{91B7B957-0F45-4BDC-85BA-08F80D49B9BC}) (Version: 3.5.0011 - Lenovo)
NVIDIA Ovladače grafiky 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 1.7.16572 - Kakao Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Qualcomm Gobi 2000 Package for Lenovo (HKLM-x32\...\{666C9123-1AEC-446F-8AA8-28256B1953D4}) (Version: 1.1.250 - QUALCOMM)
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.28.0 - Samsung Electronics Co., Ltd.)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.21.8 - TeamViewer)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17394396DF01}) (Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)
USB Enhanced Performance Keyboard (HKLM\...\{989DC5D9-A776-430D-9E16-D36E5B81CD86}) (Version: 2.0.2.2 - Lenovo)
Verizon Wireless Mobile Broadband Self Activation (HKLM-x32\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-555042887-2286466740-3098252512-1000_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\XXX\AppData\Local\Maxthon\Application\6.1.2.1000\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-10-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\XXX\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\188f5ec9d11ded56\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-01-15 22:44 - 2016-01-15 22:44 - 000047616 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2015-02-25 15:36 - 2015-02-25 15:36 - 000058880 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skhooks.dll
2014-08-15 16:25 - 2014-08-15 16:25 - 000057856 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKHidKbd.dll
2006-12-05 15:40 - 2006-12-05 15:40 - 000059904 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\skosd.dll
2008-10-22 16:20 - 2008-10-22 16:20 - 000138240 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKUtil.DLL
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-555042887-2286466740-3098252512-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-555042887-2286466740-3098252512-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{7D67F62F-2BA0-4FF9-80AE-D326D4BE690C}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{6926BE57-48E6-49FA-A296-335F146D96DF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{7DFE09C3-6864-495A-A3EF-77D3A2DB763D}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{86A09A9A-60A6-462E-A762-49AED13893D5}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{284C3D9C-4A25-4A13-A982-3B2198FC8D58}] => (Allow) C:\Program Files (x86)\Lenovo\Connect2\Connect2.exe (Lenovo -> Lenovo)
FirewallRules: [{13927131-E4F9-41C2-93DD-04950FEB769C}] => (Allow) C:\Users\XXX\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{871ED391-5A71-48B8-9B9E-2B98A6CC8FBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{00E9DC41-460F-4024-989A-11D109BB2856}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9E40D386-7F7B-448B-B81C-AD814D2E733B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A7F456D-4E01-468F-851A-74EF3684B5D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{3BEA038D-1B59-40E9-B551-25B5EC161D11}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{76BE50F8-1CA5-43B6-BCC6-C17D70467229}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\xxx\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CBB7380F-9FEC-424E-9164-8F9522F4C7E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ADC17498-BC38-4EBE-B66C-64F047C35FD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CEF79BF-0736-446B-8F26-DE16769CCF0E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BF6FAF57-AC1C-408F-9001-6BF71500492A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F61E3A6F-ACB2-4B20-8C5E-5D54B2DF1376}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{71BA67F0-E50F-4CD5-BB0E-CEC2C1DB2FA2}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{10DC4035-8F5D-447A-973D-4F7964259756}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)
FirewallRules: [{69C00D4E-C50E-4D13-A252-B662624C36E5}] => (Allow) C:\Users\XXX\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.)

==================== Restore Points =========================

14-09-2021 15:38:44 Naplánovaný kontrolní bod
15-09-2021 15:28:45 Windows Update
19-09-2021 08:43:24 Windows Update
21-09-2021 14:25:47 Revo Uninstaller's restore point - MX5
21-09-2021 17:14:20 Revo Uninstaller's restore point - Google Chrome
21-09-2021 18:04:02 AdwCleaner_BeforeCleaning_21/09/2021_18:04:02

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 06:11:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 05:14:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {de77b411-4f17-4f57-abb6-aa2c42d93fb6}

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:35:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (09/21/2021 04:01:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (09/21/2021 06:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EpsonCustomerResearchParticipation neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/21/2021 06:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DCIService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Qualcomm Gobi 2000 Download Service (Lenovo) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba DisplayLinkManager byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (09/21/2021 06:04:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EpsonCustomerResearchParticipation byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-04-26 09:38:50.500
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{A0077DBA-7632-4B8B-AE90-ECCE7E5F0E3E}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-07-08 13:46:11.190
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{BC9E8BC5-61A9-4A91-959B-3899005B7795}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2020-02-24 21:21:02.063
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D1E1630B-ED6F-4590-BF61-76DFED615DED}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:XXX-PC\XXX

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-30 14:11:50.934
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.228
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:26:17.227
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 17:20:40.239
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.343.25.0
Předchozí verze podpisu:1.341.1435.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.18300.4
Předchozí verze modulu:1.1.18200.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: LENOVO 6MET81WW (1.41 ) 10/26/2010
Motherboard: LENOVO 4384FV7
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 55%
Total physical RAM: 5939.67 MB
Available physical RAM: 2672.59 MB
Total Virtual: 11877.49 MB
Available Virtual: 8288.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:295.98 GB) (Free:86.27 GB) NTFS
Drive d: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

\\?\Volume{e4a7b4c5-4a95-11ea-ad6d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6479A2B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=296 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

F7R
Visitor
Posts: 49
Registered: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#9 Post by F7R »

Can I delete this somehow?

C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#10 Post by Rudy »

We'll try. Open Notepad and copy the following into it:
Start

CloseProcesses:
FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

F7R
Visitor
Posts: 49
Registered: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#11 Post by F7R »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by XXX (21-09-2021 20:04:52) Run:1
Running from C:\Users\XXX\Desktop
Loaded Profiles: XXX & UpdatusUser
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{32FB940B-CD78-4151-A1E9-3C6E857E3869}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
HKLM-x32\...\Run: [] => [X]
Task: {5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB} - System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => C:\Windows\system32\pcalua.exe -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="http://www.gomlab.com/gom/installThanks ... r&lang=eng" title="GOM Player Setup" -> -a C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe -d C:\Users\XXX\AppData\Local\Temp\7zS806E4871 -c C:\Users\XXX\AppData\Local\Temp\7zS806E4871\GenericSetup.exe hhwnd=9832342 hasync hthankyoupage="hxxp://www.gomlab.com/gom/installThanks.gom?pr ... r&lang=eng" title="GOM Player (the data entry has 7 more characters). <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [No File]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32FB940B-CD78-4151-A1E9-3C6E857E3869}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DDB3BA3A-96B2-45F2-BB14-D82DFF716694}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3FAEDE-8B3A-4273-AAEE-2B1C331B9CCB}" => removed successfully
C:\Windows\System32\Tasks\{34A296ED-6081-4403-A8B5-F7E8F256225C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34A296ED-6081-4403-A8B5-F7E8F256225C}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23642674 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 562625 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 58558406 B
systemprofile32 => 58649373 B
LocalService => 58715601 B
NetworkService => 58781829 B
XXX => 335888577 B
UpdatusUser => 335888577 B

RecycleBin => 30938577 B
EmptyTemp: => 925.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:05:26 ====

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#12 Post by Rudy »

Deleted. Has anything changed?

F7R
Visitor
Posts: 49
Registered: 17 Mar 2016 12:26

Re: Log check, pages load poorly for me, some not at all,

#13 Post by F7R »

It's fine now! The loading problems are gone.
Thank you very much :)

Rudy
Site Admin
Posts: 118191
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check, pages load poorly for me, some not at all,

#14 Post by Rudy »

You're welcome! :)

Locked