Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosim o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

prosim o kontrolu

#1 Příspěvek od talbott »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-09-2021
Ran by uzivatel (administrator) on ZERO1 (ASUSTeK COMPUTER INC. UX303LAB) (17-09-2021 21:30:45)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Sanem Application Tools Limited -> ChronoSpeedup Works) [File not signed] C:\Users\uzivatel\AppData\Local\ChronoSpeedup\ChronoSpeedup.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [f.lux] => C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [ChronoSpeedup] => C:\Users\uzivatel\AppData\Local\ChronoSpeedup\ChronoSpeedup.exe [32909656 2021-08-08] (Sanem Application Tools Limited -> ChronoSpeedup Works) [File not signed]
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\ACTUAL~1.SCR [111616 2017-06-21] () [File not signed]
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ACTUAL~1.SCR
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2020-01-17]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1538B8AE-80E7-489B-B1CE-413A645A040A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {3D3671FB-B0BE-4ADC-AA3E-8D7BDC848467} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {55494067-4212-4BE3-B2EF-4D32F12C91D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DDC1DD5-0FB0-4743-A658-062CADB882D4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19853392 2014-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {614DEF85-D0FD-41F3-813F-0188AB8594CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {859D6C61-15CF-4F3F-8D70-5B5BC07E0085} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {8B221021-F383-4115-8F9B-3F73B491CA24} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {8F828BE9-8F00-4753-89D6-CD6A2D78E879} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {ACEA0C20-FAEA-4FA3-A2E3-901FC34C7AD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B38F889E-7831-48F1-B170-90F04B0841FE} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {C66AFCB8-E22F-44FA-A414-A232F8022F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {E134A771-90AD-4CE4-8C0C-5C817A81A772} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [120632 2014-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-16]

FireFox:
========
FF DefaultProfile: faxt1meo.default-1619357577247
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247 [2021-09-17]
FF Extension: (Facebook Container) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247\Extensions\@contain-facebook.xpi [2021-08-03]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247\Extensions\firefox@ghostery.com.xpi [2021-06-29]
FF Extension: (NoScript) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-07-28]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [102648 2021-01-29] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-01-29] (Proton Technologies AG -> )
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [130648 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2021-01-27] (Proton Technologies AG -> Proton Technologies AG)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 RsFx0501; C:\Windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [70656 2013-06-18] (Microsoft Windows -> Realtek)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\system32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 21:30 - 2021-09-17 21:31 - 000019483 _____ C:\Users\uzivatel\Desktop\FRST.txt
2021-09-17 21:30 - 2021-09-17 21:30 - 000000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion
2021-09-17 21:26 - 2021-09-17 21:27 - 000000000 ____D C:\Users\uzivatel\AppData\Local\ChronoSpeedup
2021-09-17 21:26 - 2021-09-17 21:26 - 000000000 ____D C:\Users\uzivatel\AppData\Local\TaskbarSystem
2021-09-10 15:51 - 2021-09-10 15:51 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-09-10 14:44 - 2021-09-11 08:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-21 13:22 - 2021-07-13 08:34 - 000376072 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2021-08-21 13:22 - 2021-07-13 08:23 - 000317176 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2021-08-21 13:22 - 2021-06-05 07:23 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2021-08-21 13:22 - 2021-06-05 06:42 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-08-21 13:22 - 2021-06-05 06:30 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-08-21 13:22 - 2021-04-06 08:51 - 001678056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-08-21 13:22 - 2021-02-13 04:47 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-08-21 13:22 - 2021-02-13 04:24 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2021-08-21 13:22 - 2021-01-08 03:21 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-08-21 13:22 - 2021-01-08 03:13 - 000399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 21:31 - 2017-07-25 22:18 - 000000000 ____D C:\FRST
2021-09-17 21:30 - 2017-10-03 19:38 - 002304000 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2021-09-17 21:28 - 2016-11-15 19:41 - 000000000 ____D C:\Users\uzivatel\AppData\LocalLow\Mozilla
2021-09-17 21:28 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-17 20:04 - 2015-09-02 18:48 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176085001-3363555415-2058170901-1001
2021-09-17 19:58 - 2020-11-15 14:10 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-17 19:58 - 2020-11-15 14:10 - 000002210 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-17 19:54 - 2014-03-18 17:25 - 001246486 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-17 19:54 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-09-12 17:28 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-09-11 08:49 - 2015-09-02 19:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-10 15:51 - 2015-09-02 19:09 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-30 22:45 - 2017-10-14 13:27 - 000803176 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2021-08-26 18:53 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-08-24 19:20 - 2018-06-01 16:01 - 000508176 _____ C:\Windows\system32\FNTCACHE.DAT
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\setup
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender
2021-08-21 13:27 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-21 13:25 - 2018-03-28 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2021-08-21 13:25 - 2018-03-28 16:52 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2021-08-21 13:25 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2021-08-18 20:02 - 2020-11-15 14:09 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 20:02 - 2020-11-15 14:09 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2015-09-02 18:43 - 2019-10-27 20:27 - 000000125 _____ () C:\Users\uzivatel\AppData\Roaming\sp_data.sys
2021-05-12 20:20 - 2021-05-12 20:30 - 000000615 _____ () C:\Users\uzivatel\AppData\Local\oobelibMkey.log
2015-10-01 15:42 - 2015-10-01 15:42 - 000000017 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-12 21:47
==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Aby kontrola byla kompletní, přidejte, prosím, ještě log Addirion. Je v souboru addition.txt na ploše. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o kontrolu

#3 Příspěvek od talbott »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by uzivatel (17-09-2021 21:32:05)
Running from C:\Users\uzivatel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-09-02 16:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4176085001-3363555415-2058170901-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4176085001-3363555415-2058170901-501 - Limited - Disabled)
MSSQLSERVER00 (S-1-5-21-4176085001-3363555415-2058170901-1026 - Limited - Enabled)
MSSQLSERVER01 (S-1-5-21-4176085001-3363555415-2058170901-1027 - Limited - Enabled)
MSSQLSERVER02 (S-1-5-21-4176085001-3363555415-2058170901-1028 - Limited - Enabled)
MSSQLSERVER03 (S-1-5-21-4176085001-3363555415-2058170901-1029 - Limited - Enabled)
MSSQLSERVER04 (S-1-5-21-4176085001-3363555415-2058170901-1030 - Limited - Enabled)
MSSQLSERVER05 (S-1-5-21-4176085001-3363555415-2058170901-1031 - Limited - Enabled)
MSSQLSERVER06 (S-1-5-21-4176085001-3363555415-2058170901-1032 - Limited - Enabled)
MSSQLSERVER07 (S-1-5-21-4176085001-3363555415-2058170901-1033 - Limited - Enabled)
MSSQLSERVER08 (S-1-5-21-4176085001-3363555415-2058170901-1034 - Limited - Enabled)
MSSQLSERVER09 (S-1-5-21-4176085001-3363555415-2058170901-1035 - Limited - Enabled)
MSSQLSERVER10 (S-1-5-21-4176085001-3363555415-2058170901-1036 - Limited - Enabled)
MSSQLSERVER11 (S-1-5-21-4176085001-3363555415-2058170901-1037 - Limited - Enabled)
MSSQLSERVER12 (S-1-5-21-4176085001-3363555415-2058170901-1038 - Limited - Enabled)
MSSQLSERVER13 (S-1-5-21-4176085001-3363555415-2058170901-1039 - Limited - Enabled)
MSSQLSERVER14 (S-1-5-21-4176085001-3363555415-2058170901-1040 - Limited - Enabled)
MSSQLSERVER15 (S-1-5-21-4176085001-3363555415-2058170901-1041 - Limited - Enabled)
MSSQLSERVER16 (S-1-5-21-4176085001-3363555415-2058170901-1042 - Limited - Enabled)
MSSQLSERVER17 (S-1-5-21-4176085001-3363555415-2058170901-1043 - Limited - Enabled)
MSSQLSERVER18 (S-1-5-21-4176085001-3363555415-2058170901-1044 - Limited - Enabled)
MSSQLSERVER19 (S-1-5-21-4176085001-3363555415-2058170901-1045 - Limited - Enabled)
MSSQLSERVER20 (S-1-5-21-4176085001-3363555415-2058170901-1046 - Limited - Enabled)
SQLEXPRESS00 (S-1-5-21-4176085001-3363555415-2058170901-1004 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-4176085001-3363555415-2058170901-1005 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-4176085001-3363555415-2058170901-1006 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-4176085001-3363555415-2058170901-1007 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-4176085001-3363555415-2058170901-1008 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-4176085001-3363555415-2058170901-1009 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-4176085001-3363555415-2058170901-1010 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-4176085001-3363555415-2058170901-1011 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-4176085001-3363555415-2058170901-1012 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-4176085001-3363555415-2058170901-1013 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-4176085001-3363555415-2058170901-1014 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-4176085001-3363555415-2058170901-1015 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-4176085001-3363555415-2058170901-1016 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-4176085001-3363555415-2058170901-1017 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-4176085001-3363555415-2058170901-1018 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-4176085001-3363555415-2058170901-1019 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-4176085001-3363555415-2058170901-1020 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-4176085001-3363555415-2058170901-1021 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-4176085001-3363555415-2058170901-1022 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-4176085001-3363555415-2058170901-1023 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-4176085001-3363555415-2058170901-1024 - Limited - Enabled)
uzivatel (S-1-5-21-4176085001-3363555415-2058170901-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.52.56 - Conexant)
f.lux (HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Flux) (Version: - f.lux Software LLC)
FairStars CD Ripper 2.01 (HKLM-x32\...\FairStars CD Ripper_is1) (Version: - FairStars Soft)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
FREE MSG File Viewer version 2.0 (HKLM-x32\...\{2D370F64-93D0-4731-B27B-35869AEEB460}_is1) (Version: 2.0 - SysTools Software)
Fritz 9 (HKLM-x32\...\{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1) (Version: 9.0 - US - ACTION, s.r.o.)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
ChessBase Reader (HKLM-x32\...\{DE1044D3-B7A3-45F0-AE4C-9F68BDD7B596}) (Version: 12.42.0.0 - ChessBase)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
ISODisk 1.1 (HKLM-x32\...\{BF731945-7AAD-45E3-A202-A60C9213915C}_is1) (Version: - ISODisk.com)
iTunes (HKLM\...\{E7314A31-2B85-444A-AE8C-A4FD4BA42040}) (Version: 12.10.11.2 - Apple Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{58180BC0-0DA3-4341-A41F-9A3CF7207EE1}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
NCSS 97 (HKLM-x32\...\NCSS 97) (Version: - )
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
ProtonVPN (HKLM-x32\...\{FFAFEA09-E7DA-4710-A278-7F0506C96829}) (Version: 1.18.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.18.5) (Version: 1.18.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
Real Time Relativity v1.6.0 (HKLM-x32\...\{0DFC5A30-1D57-4EF6-ABDA-C58C4DC1475B}) (Version: 1.6.0 - Australian National University)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
SQL Server 2017 Advanced Analytics (HKLM\...\{3471E30E-5FFC-4FB1-81BA-43060B3D2B42}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{36C9ADEE-91B0-4FFA-9CBA-9164CE6089D5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{CDFAD32A-7C67-44E2-B4FC-80F2D748A032}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{887B9993-3A2F-43B1-B7C1-B6CCF8B0D0FA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{EE93819A-0492-4720-8721-1D06BF78457F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{F3C3A536-BF8E-467A-8E33-4C508B8BC52F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.02 - NCH Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.23.178_x86__wk4d32h0cvhem [2014-11-16] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.0.6.0_neutral__3f5azkryzdbc4 [2014-11-16] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.14057.1_x86__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2015-11-07] (Rozšírenia platformy spoločnosti Microsoft)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.903.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.0.0.1002_x86__kzf8qxf38zg5c [2014-11-16] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.5_x86__kzf8qxf38zg5c [2014-11-16] (Skype)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2015-11-07] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.183.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-03-31] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-03-27 21:50 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Pythonlauncher.dll
2020-03-27 21:33 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\RLauncher.dll
2018-03-28 17:22 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2018-03-28 17:11 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll
2015-12-19 14:44 - 2015-12-19 14:44 - 000401920 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2021-08-08 18:44 - 2021-08-08 18:44 - 000203096 _____ (Sanem Application Tools Limited -> ChronoSpeedup Works) [File not signed] C:\Users\uzivatel\AppData\Local\ChronoSpeedup\avs.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2021-05-04 20:03 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00064B71-B157-4296-B557-1B5790C7A22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{CDC23CF8-26ED-4146-AF84-C61C5224D039}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{44EC8DD0-D4D8-4E65-88F4-A2B4ADC0F6A3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{D7FFF49A-1F52-4E26-B9A6-E4DA766FEC3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E23E35F-F8AE-4C90-8718-E7FD6017DAFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DC6AEFE-FF81-46D4-B274-D2F83EA419B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFB942CC-94F4-49FF-886F-CF2C62D91B98}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{C8B507A4-20ED-43EA-883A-52760D526974}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{F2D32F0B-74C1-4DD7-AB29-12339BE07A8A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D7B0550-C56E-46FD-BDCA-78FBB6749B16}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42BEFE17-0576-4BB0-9281-82B806FDF264}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F5DADB-311C-4209-A324-22437AB8B550}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C50432B7-A71F-4386-8DAB-66320D6406CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5906037-302B-494F-B7C4-547AEF751EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE10742C-392D-4081-A4B4-AE5D407D07F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EAC0EFC-D28E-4EBF-9057-5F852B5C2739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77EDDA08-40AF-44AA-A872-93B19B8A512E}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [TCP Query User{430F1CC7-79F0-4BF0-8065-BBD2B5884DD2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4BA4B603-A7AE-406B-874F-CADC2C8F3CCE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{B4B97788-5B36-403F-92EB-C7C280E5B228}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{E65DF8D3-A827-4D9E-9424-FBAD8CE26A5A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C6016B80-EB72-45A7-AD1A-F8B39C6842C9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

05-09-2021 22:18:43 Scheduled Checkpoint
14-09-2021 16:59:12 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 07:54:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/17/2021 08:00:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/16/2021 08:04:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/16/2021 04:41:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2021 06:01:58 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/15/2021 10:00:14 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/14/2021 04:17:30 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/13/2021 06:22:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/17/2021 09:28:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (09/17/2021 07:46:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (09/17/2021 02:42:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (SQLEXPRESS) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/17/2021 02:42:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (MSSQLSERVER) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/17/2021 07:52:41 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (09/16/2021 07:57:17 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (09/16/2021 07:57:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (09/16/2021 04:33:59 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS


Windows Defender:
================
Date: 2021-09-01 11:29:07.747
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-26 18:40:18.778
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-20 21:06:25.874
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-17 20:15:31.795
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-10 17:48:32.482
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-29 17:38:46.130
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.341.1235.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18200.4
Error code: 0x80070643
Error description: Počas inštalácie sa vyskytla kritická chyba.

Date: 2021-06-29 17:38:46.086
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.343.25.0
Previous Signature Version: 1.341.1235.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2021-06-29 17:38:46.086
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.343.25.0
Previous Signature Version: 1.341.1235.0
Update Source: User
Signature Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2021-06-29 17:38:46.086
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error Code: 0x80070666
Error description: Už je nainštalovaná iná verzia produktu. Inštaláciu tejto verzie nemožno dokončiť. Ak chcete existujúcu verziu produktu nakonfigurovať alebo odstrániť, použite ovládací panel Pridať alebo odstrániť programy.

Date: 2021-06-07 20:22:41.415
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.339.1754.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80070643
Error description: Počas inštalácie sa vyskytla kritická chyba.

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LAB.210 08/25/2015
Motherboard: ASUSTeK COMPUTER INC. UX303LAB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 25%
Total physical RAM: 12190.62 MB
Available physical RAM: 9135.16 MB
Total Virtual: 14046.62 MB
Available Virtual: 10567.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:41.45 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:22.29 GB) NTFS

\\?\Volume{b977aa05-4b82-4de1-ac1d-0e7ff201f181}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 90842B2C)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontrolu

#4 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing
FirewallRules: [{77EDDA08-40AF-44AA-A872-93B19B8A512E}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
C:\Program Files\Bonjour
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o kontrolu

#5 Příspěvek od talbott »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2021
Ran by uzivatel (20-09-2021 20:16:27) Run:3
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & Administrator & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing
FirewallRules: [{77EDDA08-40AF-44AA-A872-93B19B8A512E}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
C:\Program Files\Bonjour
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77EDDA08-40AF-44AA-A872-93B19B8A512E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}" => removed successfully
C:\Program Files\Bonjour => moved successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28382976 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 9275595 B
Edge => 0 B
Firefox => 56354369 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 15804 B
NetworkService => 503654 B
uzivatel => 10219551 B
Administrator => 10219551 B
SQLTELEMETRY$SQLEXPRESS => 10219551 B
SQLTELEMETRY => 10219551 B
MSSQLFDLauncher => 10219551 B
MSSQLLaunchpad => 10219551 B
MSSQL$SQLEXPRESS => 10219551 B
MSSQLSERVER => 10219551 B
MSSQLLaunchpad$SQLEXPRESS => 10219551 B
MSSQLFDLauncher$SQLEXPRESS => 10219551 B

RecycleBin => 0 B
EmptyTemp: => 195.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:16:32 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontrolu

#6 Příspěvek od Rudy »

Smazáno. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o kontrolu

#7 Příspěvek od talbott »

dakujem!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o kontrolu

#8 Příspěvek od Rudy »

Nemáte zač! :-)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno