Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#16 Příspěvek od Rudy »

Celkem ne, jen pár AdWarů a zbytečnosti. Doporučil bych si změnit heslo na mail
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Johny2005
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 41
Registrován: 14 led 2006 12:43

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#17 Příspěvek od Johny2005 »

Tu změnu hesla jsem již dělal, to jsem psal již v předchozím příspěvku. Tak zatím moc děkuji a já sem pak hodím ještě log z toho druhého PC, až budu u něj.
Díky
Avenger --- CCleaner --- Gmer --- Killbox --- MBAM --- OTM --- RSIT --- VirusTotal --- WinXP Manager

Varování !!! [/color][/b]Před odvirováním Vašeho PC si zálohujte svá data, mohlo by dojít ke ztrátě !!!

Podpořte prosím naše forum: PODPOŘTE FORUM

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#18 Příspěvek od Rudy »

Nemáte zač! Nechám to tu otevřené. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Johny2005
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 41
Registrován: 14 led 2006 12:43

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#19 Příspěvek od Johny2005 »

Tak jsem se konečně dostal k tomu druhému PC. U tohoto stroje také často vypadává internet, ale může to být způsobené spíše routerem, tak uvidíme. Prosím tedy o kontrolu. Díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by Johnny (administrator) on JOHNNY-PC (MSI MS-7972) (19-07-2020 15:56:11)
Running from C:\Users\Johnny\Desktop
Loaded Profiles: Johnny
Platform: Windows 7 Ultimate N Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705720 2020-06-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.) [File not signed]
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48594832 2020-06-15] (Google LLC -> )
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\...\MountPoints2: {dfdb7522-ada5-11e7-831c-4ccc6a4b57c8} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\...\MountPoints2: {e7df6e9a-49d9-11e7-a304-4ccc6a4b57c8} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\...\MountPoints2: {e7df6ea8-49d9-11e7-a304-4ccc6a4b57c8} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-10-13] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\Windows\system32\hpinkstsB011LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\Windows\system32\HPDiscoPMB011.dll [712552 2012-01-31] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2020-07-19]
ShortcutAndArgument: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2AG1572005SZ;CONNECTION=USB;MONITOR=1;

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {081E696E-C859-424C-AB5B-C8B5433EC2A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {28E15F76-434B-47A4-BE24-A0AB6C71E54F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-25] (Google Inc -> Google LLC)
Task: {46689C52-352C-405C-9394-F9A099D0CFCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [5496600 2015-01-20] (Piriform Ltd -> Piriform Ltd)
Task: {6EFA9E4B-2400-4431-9FDE-2C2D28FF0965} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2758696 2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7BC036CF-01AA-40F0-88F5-88404D521F47} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [4078440 2012-01-31] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {7D7B227F-A945-4DC1-96E5-73A3A8C99932} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [647168 2016-10-12] () [File not signed]
Task: {846E67B5-4C57-48AD-8DA7-FB347894BFE2} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {AC6E13FB-8B74-4E9C-A6A4-EBB7C91C8614} - System32\Tasks\{D649253E-049B-4DB9-AD7C-B5377A9780C6} => C:\Windows\system32\pcalua.exe -a C:\Users\Johnny\Desktop\Sonic.Projects.OP-X.PRO.II.v1.0.Incl.Keygen-AiR\Setup.exe -d C:\Users\Johnny\Desktop\Sonic.Projects.OP-X.PRO.II.v1.0.Incl.Keygen-AiR
Task: {BD025BC3-F4A3-462A-A203-5A2B075633CC} - System32\Tasks\{585550C6-D85C-496F-9AD0-145358AB9E7A} => C:\Windows\system32\pcalua.exe -a C:\Users\Johnny\Desktop\Superwave\superwave_p8.exe -d C:\Users\Johnny\Desktop\Superwave
Task: {BD617A25-655E-42E9-BA39-143A2DAF4A40} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [647168 2016-10-12] () [File not signed]
Task: {EE5CE10A-9378-409B-A16B-8A6B160FF6F2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {F56E3B6C-70B3-4146-B5CA-6C5E717BC168} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-25] (Google Inc -> Google LLC)
Task: {F97C4C9C-9389-41B2-9E30-E590D9707550} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{102B50F1-2CA0-45AC-843B-8F31B1D85734}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKU\S-1-5-21-2350607292-2742822079-1077346085-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)

FireFox:
========
FF DefaultProfile: cwp2avjo.default
FF ProfilePath: C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default [2020-07-19]
FF DownloadDir: C:\Users\Johnny\Desktop
FF Homepage: Mozilla\Firefox\Profiles\cwp2avjo.default -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\cwp2avjo.default -> hxxps://www.tipsport.cz; hxxps://www.podnikatel.cz
FF Extension: (Avira Browser Safety) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default\Extensions\abs@avira.com.xpi [2020-05-27]
FF Extension: (Avira SafeSearch Plus) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default\Extensions\safesearchplus2@avira.com.xpi [2019-06-15] [UpdateUrl:hxxps://package.avira.com/package/safesearch/firefox/update-plus2.json]
FF Extension: (Download YouTube Videos as MP4) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-02-14] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF Extension: (No Name) - C:\Users\Johnny\AppData\Roaming\Mozilla\Firefox\Profiles\cwp2avjo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-07-14]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208848 2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [484616 2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [484616 2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573944 2020-07-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [634064 2020-06-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [159856 2020-06-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] (Huawei Software Technologies Co., LTD. -> )
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [341984 2016-12-06] (Intel(R) pGFX -> Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222688 2020-06-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-19 15:56 - 2020-07-19 15:56 - 000019230 _____ C:\Users\Johnny\Desktop\FRST.txt
2020-07-19 15:55 - 2020-07-19 15:56 - 000000000 ____D C:\FRST
2020-07-19 15:41 - 2020-07-19 15:41 - 002292736 _____ (Farbar) C:\Users\Johnny\Desktop\FRST64.exe
2020-07-02 15:44 - 2020-07-02 18:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-07-01 15:54 - 2020-07-03 11:12 - 000000000 ____D C:\Users\Johnny\Desktop\Stolní na na prodej
2020-07-01 15:30 - 2020-07-01 15:30 - 000000000 ____D C:\Users\Johnny\Desktop\Skalka

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-19 15:52 - 2016-11-21 20:05 - 000000000 ____D C:\Users\Johnny\AppData\LocalLow\Mozilla
2020-07-19 14:27 - 2009-07-14 06:50 - 000015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-07-19 14:27 - 2009-07-14 06:50 - 000015152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-07-19 14:26 - 2016-12-22 09:31 - 000668564 _____ C:\Windows\system32\perfh005.dat
2020-07-19 14:26 - 2016-12-22 09:31 - 000141210 _____ C:\Windows\system32\perfc005.dat
2020-07-19 14:26 - 2009-07-14 07:12 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-19 14:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-07-19 14:22 - 2016-10-12 20:36 - 000078848 _____ C:\Windows\KMSEmulator.exe
2020-07-19 14:22 - 2016-10-12 20:36 - 000002740 _____ C:\Windows\system32\Tasks\AutoKMSDaily
2020-07-19 14:22 - 2016-10-12 20:36 - 000000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2020-07-19 14:22 - 2016-10-12 20:36 - 000000202 _____ C:\Windows\Tasks\AutoKMS.job
2020-07-19 14:22 - 2016-10-12 19:33 - 000000000 __SHD C:\Users\Johnny\IntelGraphicsProfiles
2020-07-19 14:21 - 2019-05-27 11:14 - 000000000 ___RD C:\Users\Johnny\Google Drive
2020-07-19 14:21 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-14 11:45 - 2016-12-22 01:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-07-14 11:34 - 2020-04-09 22:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-07-14 11:34 - 2016-10-12 21:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-08 12:57 - 2016-10-12 19:27 - 000000000 ____D C:\ProgramData\Package Cache
2020-07-05 10:05 - 2019-05-25 13:05 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-07-05 10:05 - 2019-05-25 13:05 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-07-05 10:05 - 2019-05-25 13:05 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-07-05 10:05 - 2019-05-25 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-07-02 15:59 - 2020-06-04 19:11 - 000000000 ____D C:\Users\Johnny\Desktop\Prodej přebytků
2020-07-02 15:40 - 2019-02-14 14:01 - 000000000 ____D C:\Users\Johnny\Desktop\Seznamy
2020-07-01 15:57 - 2016-12-20 13:21 - 000000020 ____H C:\ProgramData\PKP_DLet.DAT
2020-07-01 15:20 - 2019-09-13 09:22 - 000148387 _____ C:\Users\Johnny\Desktop\Tržby Náměstí.xlsx
2020-06-29 17:47 - 2016-10-12 20:46 - 000000000 ___RD C:\Users\Johnny\Desktop\Různé
2020-06-29 17:43 - 2017-06-05 16:36 - 000000000 ____D C:\Users\Johnny\Documents\HiSuite
2020-06-25 11:08 - 2016-12-22 01:38 - 000222688 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-06-20 13:17 - 2009-07-14 07:08 - 000032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-06-19 16:31 - 2018-05-15 18:03 - 000000000 ____D C:\Users\Johnny\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2016-12-20 13:21 - 2016-12-20 13:21 - 000000268 ___RH () C:\Users\Johnny\AppData\Roaming\Helper Scripts
2016-12-20 13:21 - 2016-12-20 13:21 - 000000268 ___RH () C:\Users\Johnny\AppData\Roaming\Hip Hop
2016-12-20 13:21 - 2016-12-20 13:21 - 000000268 ___RH () C:\Users\Johnny\AppData\Roaming\Home
2017-07-24 10:39 - 2017-07-24 10:40 - 000000000 _____ () C:\Users\Johnny\AppData\Local\{F1FD15D2-A3EA-4CAD-9CA0-F13410F7BF21}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-07-13 18:43
==================== End of FRST.txt ========================
Avenger --- CCleaner --- Gmer --- Killbox --- MBAM --- OTM --- RSIT --- VirusTotal --- WinXP Manager

Varování !!! [/color][/b]Před odvirováním Vašeho PC si zálohujte svá data, mohlo by dojít ke ztrátě !!!

Podpořte prosím naše forum: PODPOŘTE FORUM

Johny2005
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 41
Registrován: 14 led 2006 12:43

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#20 Příspěvek od Johny2005 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2020 01
Ran by Johnny (19-07-2020 15:57:01)
Running from C:\Users\Johnny\Desktop
Windows 7 Ultimate N Service Pack 1 (X64) (2016-10-12 17:22:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2350607292-2742822079-1077346085-500 - Administrator - Disabled)
Guest (S-1-5-21-2350607292-2742822079-1077346085-501 - Limited - Disabled)
Johnny (S-1-5-21-2350607292-2742822079-1077346085-1000 - Administrator - Enabled) => C:\Users\Johnny

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE}
AS: Avira Antivirus (Enabled - Up to date) {35CD6CB8-9590-9A24-0741-1337B657D603}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.03 (x64) (HKLM\...\7-Zip) (Version: 16.03 - Igor Pavlov)
Adobe Reader 9.1 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
ARP2600 V2 2.0 (HKLM-x32\...\ARP2600 V2_is1) (Version: - Arturia)
Arturia Moog Modular V2 v1.0 (HKLM-x32\...\Arturia Moog Modular V2 v1.0) (Version: - )
Arturia Prophet V VSTi RTAS v1.2.1 (HKLM-x32\...\Arturia Prophet V VSTi RTAS_is1) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Avira (HKLM-x32\...\{ca8bf656-4912-4f9e-904d-09fd450cf44a}) (Version: 1.2.147.35397 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{F45723FF-ED60-422B-AB16-538648BBCD02}) (Version: 1.2.147.35397 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2007.1910 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM-x32\...\{BBD09B2A-FCDB-4CDE-8614-8C608EA68E94}) (Version: 2.0.6.34011 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{01D33BEA-673C-439C-A7C7-DE5B236DB842}) (Version: 3.50.3166.0017 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z MSI 1.76 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.76 - CPUID, Inc.)
CS-80 V3 (HKLM\...\CS-80 V3_is1) (Version: 3.3.0.1391 - Arturia & Team V.R)
D-Fend Reloaded 1.4.4 (Odinstalovat) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.4 - Alexander Herzog)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
GForce - Oddity (HKLM-x32\...\Oddity) (Version: - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{E80963EC-EED7-411A-8AC0-149EC57FB0F9}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM-x32\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{177F4FEE-E119-4AB7-9B32-ECF6A1D03719}) (Version: 27.0.847.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Jupiter-8V2 2.0 (HKLM-x32\...\Jupiter-8V2_is1) (Version: - Arturia)
M30 Reverb (HKLM-x32\...\M30 Reverb) (Version: 1.0.0.1 - TC Electronic)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 78.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 78.0.2 (x64 cs)) (Version: 78.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.4.2 - Mozilla)
Mozilla Thunderbird 68.10.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 68.10.0 (x86 cs)) (Version: 68.10.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
N.I Pro-53 v3.0-OxYGeN (HKLM-x32\...\N.I Pro-53 v3.0-OxYGeN) (Version: - )
Native Instruments FM7 (HKLM-x32\...\Native Instruments FM7) (Version: - )
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - )
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS (HKLM-x32\...\Native Instruments Massive v1.0.1.008 VSTi DXi RTAS) (Version: - )
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PSD Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{345E25C8-EC20-45D5-A088-C5891FC603D4}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{AD4E43FF-20E5-4E91-9B10-5BFAB7F66EE2}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.6.1.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.6.1.0 - Ardfry Imaging, LLC)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
rgcAudio z3ta Plus v1.40 (HKLM-x32\...\rgcAudio z3ta Plus v1.40) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SonicProjects OP-X PRO-II (HKLM\...\OP-X PRO-II_is1) (Version: 1.2.5 - Team V.R)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
TubeOhm ANTI-TRANSPIRANT/Stepper4free (HKLM-x32\...\TUBEOHM A-T and Stepper4free_is1) (Version: - )
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Waldorf PPG Wave 2.V v1.2 (HKLM-x32\...\Waldorf PPG Wave 2.V v1.2) (Version: - )
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Z3TA+ 2 (HKLM-x32\...\Z3TA+ 2_is1) (Version: 2.1 - Cakewalk Music Software)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-06-15] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-09-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-07-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.ZMBV] => C:\Windows\SysWOW64\zmbv.dll [94208 2010-04-09] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2009-09-15] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

==================== Loaded Modules (Whitelisted) =============

2015-01-21 04:06 - 2015-01-21 04:06 - 000053248 _____ () [File not signed] C:\Program Files\CCleaner\lang\lang-1029.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000114176 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_ctypes.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000172544 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_elementtree.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 002250240 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_hashlib.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000032256 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_multiprocessing.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000046080 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_psutil_windows.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000047616 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_socket.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 002819584 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_ssl.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000026112 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\_yappi.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000080896 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\bz2.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000016384 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\common.time34.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000007680 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\hashobjs_ext.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000301568 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\PIL._imaging.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000168448 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\pyexpat.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 001084416 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\pysqlite2._sqlite.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000548864 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\pythoncom27.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000137728 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\pywintypes27.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000010752 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\select.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000020992 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\thumbnails_ext.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000689664 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\unicodedata.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000119808 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\usb_ext.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000128512 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32api.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000438784 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32com.shell.shell.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000011776 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32crypt.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000023040 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32event.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000149504 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32file.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000223232 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32gui.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000048128 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32inet.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000029696 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32pdh.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000027648 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32pipe.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000044032 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32process.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000020480 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32profile.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000136192 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32security.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000026624 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\win32ts.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000034816 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\windows.conditional.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000038400 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\windows.connectivity.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000071680 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\windows.device_monitor.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000109056 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\windows.volumes.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000020480 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\windows.winwrap.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 001325056 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._controls_.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 001489408 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._core_.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 001007104 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._gdi_.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000103424 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._html2.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 000916992 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._misc_.pyd
2020-07-19 14:21 - 2020-07-19 14:21 - 001039872 _____ () [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wx._windows_.pyd
2016-10-20 20:52 - 2016-09-28 10:54 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-04-21 13:24 - 2017-04-21 13:24 - 000112128 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2017-04-21 13:26 - 2017-04-21 13:26 - 000126976 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\python27.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxbase30u_net_vc90_x64.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxbase30u_vc90_x64.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxmsw30u_adv_vc90_x64.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxmsw30u_core_vc90_x64.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxmsw30u_html_vc90_x64.dll
2020-07-19 14:21 - 2020-07-19 14:21 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Johnny\AppData\Local\Temp\_MEI12482\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-2350607292-2742822079-1077346085-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Johnny\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{14D8EF69-CCD2-4E89-BE3C-03D3F1B60F43}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{6FD7B68E-E7BC-4E96-97BF-11FFFC3DAA1B}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [{A1D1EC1C-F397-4C20-9D6A-906045B067EA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{822E070F-E42B-4087-B2F3-5B57E7DD1138}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{36B2F014-A755-4AA3-9C36-F8EEC4BE1BC4}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BA947712-39F6-4059-8FD6-32C297759E69}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{3DE8CCDA-4CD4-4A06-9F64-EE2901A439EF}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{64EF5EE1-5889-4090-9468-A86778719B3F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3689E3A2-02A1-4D67-9686-6763A253491D}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{5E2C014C-7DDC-4B07-96DA-237725B9CC47}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{34A90519-6A68-4D05-9C0D-786DB1F676A2}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

14-06-2020 19:00:11 Windows Backup
22-06-2020 11:13:40 Windows Backup
28-06-2020 19:00:10 Windows Backup
05-07-2020 19:36:03 Windows Backup
12-07-2020 19:11:21 Windows Backup

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/14/2020 06:08:59 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f

Error: (07/14/2020 06:08:59 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details.
hr=0x80072EE7

Error: (06/22/2020 11:02:06 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (06/04/2020 10:18:25 AM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (06/02/2020 03:48:39 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (06/02/2020 02:36:11 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/24/2020 02:45:43 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
at System.Threading.Monitor.Enter(Object obj)
at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/16/2020 07:52:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FL.exe, version: 0.0.0.0, time stamp: 0x4d3574e7
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a16
Exception code: 0xc0000374
Fault offset: 0x000ce85b
Faulting process id: 0x1688
Faulting application start time: 0x01d62b45ace503e1
Faulting application path: C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 7c9ee6a1-9739-11ea-89ec-4ccc6a4b57c8


System errors:
=============
Error: (07/18/2020 08:18:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/13/2020 06:45:42 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/08/2020 02:56:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.

Error: (07/05/2020 11:52:23 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/03/2020 03:08:34 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (07/02/2020 04:31:04 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (06/30/2020 06:32:38 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (06/29/2020 07:55:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2016-12-01 12:56:40.510
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-12-01 12:56:40.510
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-23 22:22:24.070
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-23 22:22:24.070
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-14 22:43:43.026
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-14 22:43:43.026
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-14 20:18:23.425
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-11-14 20:18:23.425
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\wdcsam64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. C.60 07/22/2016
Motherboard: MSI B150M MORTAR (MS-7972)
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 31%
Total physical RAM: 16258.88 MB
Available physical RAM: 11171.88 MB
Total Virtual: 32515.93 MB
Available Virtual: 27457.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.35 GB) (Free:101.64 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:372.98 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 346FBCB4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Avenger --- CCleaner --- Gmer --- Killbox --- MBAM --- OTM --- RSIT --- VirusTotal --- WinXP Manager

Varování !!! [/color][/b]Před odvirováním Vašeho PC si zálohujte svá data, mohlo by dojít ke ztrátě !!!

Podpořte prosím naše forum: PODPOŘTE FORUM

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#21 Příspěvek od Rudy »

Vcelku nic zvláštního. Chcete-li, můžeme zkontrolovat i druhý PC. Doporučuji změnit heslo na mail.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Johny2005
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 41
Registrován: 14 led 2006 12:43

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#22 Příspěvek od Johny2005 »

No ten druhý jsme dělali nedavno, to je ten ze začátku tohoto threadu.

Změnu hesla jsem dělal hned poté, co mi rozeslal ten email a od té doby je to ok.
Já si právě myslel, že pokud se rozesílají emaily samovolně, že musí být něco v PC, co je potřeba vyčistit a to je zřejmě mylný předpoklad.

Není potřeba zkusit toto PC ještě nějakým jiným skenem?

Jinak každopádně děkuji za pomoc.
Avenger --- CCleaner --- Gmer --- Killbox --- MBAM --- OTM --- RSIT --- VirusTotal --- WinXP Manager

Varování !!! [/color][/b]Před odvirováním Vašeho PC si zálohujte svá data, mohlo by dojít ke ztrátě !!!

Podpořte prosím naše forum: PODPOŘTE FORUM

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118197
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu, email mi rozesílá sám zprávy.

#23 Příspěvek od Rudy »

OK. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno