VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosim kontrolu logu, dakujem

https://forum.viry.cz:443/viewtopic.php?t=158044

Stránka 1 z 1

prosim kontrolu logu, dakujem

Napsal: 22 dub 2021 18:42
od talbott
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by uzivatel (administrator) on ZERO1 (ASUSTeK COMPUTER INC. UX303LAB) (22-04-2021 19:39:20)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [f.lux] => C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\ACTUAL~1.SCR [111616 2017-06-21] () [File not signed]
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ACTUAL~1.SCR
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2020-01-17]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1538B8AE-80E7-489B-B1CE-413A645A040A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {3D3671FB-B0BE-4ADC-AA3E-8D7BDC848467} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {41951660-8A51-49D1-A6A8-836722F1AC00} - System32\Tasks\System\SystemCheck => C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Helper.exe <==== ATTENTION
Task: {4223C28F-64A5-43C8-8D34-57BCF79ABAB2} - System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GT Interactive\Driver\Config.exe" -d "C:\Program Files (x86)\GT Interactive\Driver"
Task: {55494067-4212-4BE3-B2EF-4D32F12C91D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DDC1DD5-0FB0-4743-A658-062CADB882D4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19853392 2014-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {614DEF85-D0FD-41F3-813F-0188AB8594CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {859D6C61-15CF-4F3F-8D70-5B5BC07E0085} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {8F828BE9-8F00-4753-89D6-CD6A2D78E879} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {ACEA0C20-FAEA-4FA3-A2E3-901FC34C7AD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B38F889E-7831-48F1-B170-90F04B0841FE} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {C66AFCB8-E22F-44FA-A414-A232F8022F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E134A771-90AD-4CE4-8C0C-5C817A81A772} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [120632 2014-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {E92C90F1-1544-42FF-96B8-627660C89D03} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-20] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{A7FA2A4F-F99F-497F-903C-2A96C810688A}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-06]

FireFox:
========
FF DefaultProfile: 7h7ex4z3.default-1552668782976
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976 [2021-04-22]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\firefox@ghostery.com.xpi [2019-06-24]
FF Extension: (HTTPS Everywhere) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\https-everywhere@eff.org.xpi [2020-04-03]
FF Extension: (Privacy Badger) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-12-08]
FF Extension: (clean-youtube) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-06-19]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-01-01]
FF Extension: (uBlock Origin) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\uBlock0@raymondhill.net.xpi [2020-06-19]
FF Extension: (Adblock) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{2d7387e7-05cf-43c0-9096-8fd4699b0b11}.xpi [2020-06-19]
FF Extension: (NoScript) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-07-26]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-20] [not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [102648 2021-01-29] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-01-29] (Proton Technologies AG -> )
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [130648 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 MpKsldbbe83c7; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79BD9E97-A98C-4A27-BAEB-C26D383D4812}\MpKslDrv.sys [47336 2021-04-22] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2021-01-27] (Proton Technologies AG -> Proton Technologies AG)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 RsFx0501; C:\Windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [70656 2013-06-18] (Microsoft Windows -> Realtek)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\system32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 R-ImageDisk; \??\C:\Program Files (x86)\R-Studio\R-ImageDisk64.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-22 19:39 - 2021-04-22 19:39 - 000021003 _____ C:\Users\uzivatel\Desktop\FRST.txt
2021-04-22 19:38 - 2021-04-22 19:38 - 000000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-22 19:39 - 2017-07-25 22:18 - 000000000 ____D C:\FRST
2021-04-22 19:38 - 2017-10-03 19:38 - 002298368 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2021-04-22 19:37 - 2019-01-30 17:30 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-22 19:37 - 2016-11-15 19:41 - 000000000 ____D C:\Users\uzivatel\AppData\LocalLow\Mozilla
2021-04-22 19:30 - 2015-09-02 18:48 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176085001-3363555415-2058170901-1001
2021-04-22 19:27 - 2014-03-18 17:25 - 001246486 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-22 19:27 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-04-22 19:19 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT


==================== Files in the root of some directories ========

2015-09-02 18:43 - 2019-10-27 20:27 - 000000125 _____ () C:\Users\uzivatel\AppData\Roaming\sp_data.sys
2015-10-01 15:42 - 2015-10-01 15:42 - 000000017 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-16 19:18
==================== End of FRST.txt ========================

Re: prosim kontrolu logu, dakujem

Napsal: 22 dub 2021 18:44
od talbott
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by uzivatel (22-04-2021 19:40:17)
Running from C:\Users\uzivatel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-09-02 16:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4176085001-3363555415-2058170901-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4176085001-3363555415-2058170901-501 - Limited - Disabled)
MSSQLSERVER00 (S-1-5-21-4176085001-3363555415-2058170901-1026 - Limited - Enabled)
MSSQLSERVER01 (S-1-5-21-4176085001-3363555415-2058170901-1027 - Limited - Enabled)
MSSQLSERVER02 (S-1-5-21-4176085001-3363555415-2058170901-1028 - Limited - Enabled)
MSSQLSERVER03 (S-1-5-21-4176085001-3363555415-2058170901-1029 - Limited - Enabled)
MSSQLSERVER04 (S-1-5-21-4176085001-3363555415-2058170901-1030 - Limited - Enabled)
MSSQLSERVER05 (S-1-5-21-4176085001-3363555415-2058170901-1031 - Limited - Enabled)
MSSQLSERVER06 (S-1-5-21-4176085001-3363555415-2058170901-1032 - Limited - Enabled)
MSSQLSERVER07 (S-1-5-21-4176085001-3363555415-2058170901-1033 - Limited - Enabled)
MSSQLSERVER08 (S-1-5-21-4176085001-3363555415-2058170901-1034 - Limited - Enabled)
MSSQLSERVER09 (S-1-5-21-4176085001-3363555415-2058170901-1035 - Limited - Enabled)
MSSQLSERVER10 (S-1-5-21-4176085001-3363555415-2058170901-1036 - Limited - Enabled)
MSSQLSERVER11 (S-1-5-21-4176085001-3363555415-2058170901-1037 - Limited - Enabled)
MSSQLSERVER12 (S-1-5-21-4176085001-3363555415-2058170901-1038 - Limited - Enabled)
MSSQLSERVER13 (S-1-5-21-4176085001-3363555415-2058170901-1039 - Limited - Enabled)
MSSQLSERVER14 (S-1-5-21-4176085001-3363555415-2058170901-1040 - Limited - Enabled)
MSSQLSERVER15 (S-1-5-21-4176085001-3363555415-2058170901-1041 - Limited - Enabled)
MSSQLSERVER16 (S-1-5-21-4176085001-3363555415-2058170901-1042 - Limited - Enabled)
MSSQLSERVER17 (S-1-5-21-4176085001-3363555415-2058170901-1043 - Limited - Enabled)
MSSQLSERVER18 (S-1-5-21-4176085001-3363555415-2058170901-1044 - Limited - Enabled)
MSSQLSERVER19 (S-1-5-21-4176085001-3363555415-2058170901-1045 - Limited - Enabled)
MSSQLSERVER20 (S-1-5-21-4176085001-3363555415-2058170901-1046 - Limited - Enabled)
SQLEXPRESS00 (S-1-5-21-4176085001-3363555415-2058170901-1004 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-4176085001-3363555415-2058170901-1005 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-4176085001-3363555415-2058170901-1006 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-4176085001-3363555415-2058170901-1007 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-4176085001-3363555415-2058170901-1008 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-4176085001-3363555415-2058170901-1009 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-4176085001-3363555415-2058170901-1010 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-4176085001-3363555415-2058170901-1011 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-4176085001-3363555415-2058170901-1012 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-4176085001-3363555415-2058170901-1013 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-4176085001-3363555415-2058170901-1014 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-4176085001-3363555415-2058170901-1015 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-4176085001-3363555415-2058170901-1016 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-4176085001-3363555415-2058170901-1017 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-4176085001-3363555415-2058170901-1018 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-4176085001-3363555415-2058170901-1019 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-4176085001-3363555415-2058170901-1020 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-4176085001-3363555415-2058170901-1021 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-4176085001-3363555415-2058170901-1022 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-4176085001-3363555415-2058170901-1023 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-4176085001-3363555415-2058170901-1024 - Limited - Enabled)
uzivatel (S-1-5-21-4176085001-3363555415-2058170901-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.52.56 - Conexant)
f.lux (HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
FREE MSG File Viewer version 2.0 (HKLM-x32\...\{2D370F64-93D0-4731-B27B-35869AEEB460}_is1) (Version: 2.0 - SysTools Software)
Fritz 9 (HKLM-x32\...\{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1) (Version: 9.0 - US - ACTION, s.r.o.)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
ChessBase Reader (HKLM-x32\...\{DE1044D3-B7A3-45F0-AE4C-9F68BDD7B596}) (Version: 12.42.0.0 - ChessBase)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
ISODisk 1.1 (HKLM-x32\...\{BF731945-7AAD-45E3-A202-A60C9213915C}_is1) (Version: - ISODisk.com)
iTunes (HKLM\...\{1AF550CE-779C-4653-9B70-9E90799CEB1B}) (Version: 12.10.10.2 - Apple Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{58180BC0-0DA3-4341-A41F-9A3CF7207EE1}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
NCSS 97 (HKLM-x32\...\NCSS 97) (Version: - )
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
ProtonVPN (HKLM-x32\...\{FFAFEA09-E7DA-4710-A278-7F0506C96829}) (Version: 1.18.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.18.5) (Version: 1.18.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
Real Time Relativity v1.6.0 (HKLM-x32\...\{0DFC5A30-1D57-4EF6-ABDA-C58C4DC1475B}) (Version: 1.6.0 - Australian National University)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
SQL Server 2017 Advanced Analytics (HKLM\...\{3471E30E-5FFC-4FB1-81BA-43060B3D2B42}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{36C9ADEE-91B0-4FFA-9CBA-9164CE6089D5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{CDFAD32A-7C67-44E2-B4FC-80F2D748A032}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{887B9993-3A2F-43B1-B7C1-B6CCF8B0D0FA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{EE93819A-0492-4720-8721-1D06BF78457F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{F3C3A536-BF8E-467A-8E33-4C508B8BC52F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.02 - NCH Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.23.178_x86__wk4d32h0cvhem [2014-11-16] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.0.6.0_neutral__3f5azkryzdbc4 [2014-11-16] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.14057.1_x86__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2015-11-07] (Rozšírenia platformy spoločnosti Microsoft)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.903.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.0.0.1002_x86__kzf8qxf38zg5c [2014-11-16] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.5_x86__kzf8qxf38zg5c [2014-11-16] (Skype)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2015-11-07] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.183.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-03-31] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-03-27 21:50 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Pythonlauncher.dll
2020-03-27 21:33 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\RLauncher.dll
2018-03-28 17:22 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2018-03-28 17:11 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-28 18:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00064B71-B157-4296-B557-1B5790C7A22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{CDC23CF8-26ED-4146-AF84-C61C5224D039}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{44EC8DD0-D4D8-4E65-88F4-A2B4ADC0F6A3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{D7FFF49A-1F52-4E26-B9A6-E4DA766FEC3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E23E35F-F8AE-4C90-8718-E7FD6017DAFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DC6AEFE-FF81-46D4-B274-D2F83EA419B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFB942CC-94F4-49FF-886F-CF2C62D91B98}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{C8B507A4-20ED-43EA-883A-52760D526974}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{F2D32F0B-74C1-4DD7-AB29-12339BE07A8A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D7B0550-C56E-46FD-BDCA-78FBB6749B16}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42BEFE17-0576-4BB0-9281-82B806FDF264}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F5DADB-311C-4209-A324-22437AB8B550}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C50432B7-A71F-4386-8DAB-66320D6406CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5906037-302B-494F-B7C4-547AEF751EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE10742C-392D-4081-A4B4-AE5D407D07F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EAC0EFC-D28E-4EBF-9057-5F852B5C2739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3281E48D-43E7-42AF-B558-92456C1170FF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77EDDA08-40AF-44AA-A872-93B19B8A512E}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [TCP Query User{430F1CC7-79F0-4BF0-8065-BBD2B5884DD2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4BA4B603-A7AE-406B-874F-CADC2C8F3CCE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

==================== Restore Points =========================

29-03-2021 21:59:20 Scheduled Checkpoint
07-04-2021 17:00:41 Scheduled Checkpoint
14-04-2021 17:50:07 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/22/2021 07:27:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/21/2021 06:57:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/21/2021 05:24:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/20/2021 07:56:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/20/2021 08:39:53 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/19/2021 02:16:32 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/18/2021 09:43:27 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/17/2021 08:15:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (04/22/2021 07:31:07 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (04/22/2021 07:30:37 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (04/22/2021 07:19:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/21/2021 06:50:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/21/2021 05:17:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/20/2021 07:48:52 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/20/2021 05:09:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (SQLEXPRESS) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/20/2021 05:09:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (MSSQLSERVER) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
================
Date: 2021-04-04 09:17:00.482
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan


==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LAB.210 08/25/2015
Motherboard: ASUSTeK COMPUTER INC. UX303LAB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 27%
Total physical RAM: 12190.62 MB
Available physical RAM: 8792.71 MB
Total Virtual: 14046.62 MB
Available Virtual: 10045.63 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:42.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:22.81 GB) NTFS

\\?\Volume{b977aa05-4b82-4de1-ac1d-0e7ff201f181}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 90842B2C)

Partition: GPT.

==================== End of Addition.txt =======================

Re: prosim kontrolu logu, dakujem

Napsal: 25 dub 2021 19:32
od Conder
Ahoj :)

:arrow: Trochu nam tu zapadla tema, kedze si aj sam odpovedal (tym druhym prispevkom s logom).

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Re: prosim kontrolu logu, dakujem

Napsal: 26 dub 2021 16:55
od talbott
Chcel som rozdelit dva subory do dvoch prispevkov :-)
V ponuke bolo zobrazit subor dennika:

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-26-2021
# Duration: 00:00:01
# OS: Windows 8.1 Pro
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\uzivatel\AppData\Roaming\Smart Clock

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41951660-8A51-49D1-A6A8-836722F1AC00}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41951660-8A51-49D1-A6A8-836722F1AC00}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\System\SystemCheck

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [31614 octets] - [27/10/2019 19:33:40]
AdwCleaner[S00].txt - [3840 octets] - [27/10/2019 19:34:06]
AdwCleaner[C00].txt - [4287 octets] - [27/10/2019 19:36:09]
AdwCleaner[S01].txt - [1911 octets] - [29/04/2020 20:19:59]
AdwCleaner[C01].txt - [1964 octets] - [29/04/2020 20:20:20]
AdwCleaner[S02].txt - [1756 octets] - [19/10/2020 18:18:29]
AdwCleaner[S03].txt - [1817 octets] - [19/10/2020 18:19:57]
AdwCleaner[C03].txt - [2018 octets] - [19/10/2020 18:20:29]
AdwCleaner[S04].txt - [2328 octets] - [26/04/2021 17:52:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Re: prosim kontrolu logu, dakujem

Napsal: 27 dub 2021 23:56
od Conder
Ano, rozdelit logy do viac prispevkov je samozrejme mozne, ale pokial sa to deje pri zakladani novej temy, tak radcovia mozu temu prehliadnut.

Poprosim o obidva nove logy z FRST.

Re: prosim kontrolu logu, dakujem

Napsal: 30 dub 2021 20:58
od talbott
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Ran by uzivatel (administrator) on ZERO1 (ASUSTeK COMPUTER INC. UX303LAB) (30-04-2021 21:55:13)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [f.lux] => C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\ACTUAL~1.SCR [111616 2017-06-21] () [File not signed]
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ACTUAL~1.SCR
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2020-01-17]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1538B8AE-80E7-489B-B1CE-413A645A040A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {3D3671FB-B0BE-4ADC-AA3E-8D7BDC848467} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4223C28F-64A5-43C8-8D34-57BCF79ABAB2} - System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GT Interactive\Driver\Config.exe" -d "C:\Program Files (x86)\GT Interactive\Driver"
Task: {55494067-4212-4BE3-B2EF-4D32F12C91D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DDC1DD5-0FB0-4743-A658-062CADB882D4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19853392 2014-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {614DEF85-D0FD-41F3-813F-0188AB8594CA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {859D6C61-15CF-4F3F-8D70-5B5BC07E0085} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\uzivatel\Downloads\esetonlinescanner.exe
Task: {8F828BE9-8F00-4753-89D6-CD6A2D78E879} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {ACEA0C20-FAEA-4FA3-A2E3-901FC34C7AD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B38F889E-7831-48F1-B170-90F04B0841FE} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {C66AFCB8-E22F-44FA-A414-A232F8022F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E134A771-90AD-4CE4-8C0C-5C817A81A772} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [120632 2014-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {E92C90F1-1544-42FF-96B8-627660C89D03} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-20] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{A7FA2A4F-F99F-497F-903C-2A96C810688A}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-06]

FireFox:
========
FF DefaultProfile: faxt1meo.default-1619357577247
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247 [2021-04-30]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247\Extensions\firefox@ghostery.com.xpi [2021-04-27]
FF Extension: (NoScript) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\faxt1meo.default-1619357577247\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2021-04-25]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [102648 2021-01-29] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [62712 2021-01-29] (Proton Technologies AG -> )
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [130648 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 MpKsl52575ef9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5F2980C0-32E8-489C-86BD-DB51F3B997A6}\MpKslDrv.sys [47336 2021-04-30] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win7\ProtonVPN.CalloutDriver.sys [25824 2021-01-27] (Proton Technologies AG -> Proton Technologies AG)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 RsFx0501; C:\Windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [70656 2013-06-18] (Microsoft Windows -> Realtek)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapprotonvpn; C:\Windows\system32\DRIVERS\tapprotonvpn.sys [39696 2020-12-30] (Proton Technologies AG -> The OpenVPN Project)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 R-ImageDisk; \??\C:\Program Files (x86)\R-Studio\R-ImageDisk64.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-30 21:55 - 2021-04-30 21:55 - 000000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion

2021-04-20 17:08 - 2021-04-20 17:08 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-04-05 20:08 - 2021-04-05 20:08 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\PowerISO


==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-30 21:55 - 2017-10-03 19:38 - 002298368 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2021-04-30 21:55 - 2017-07-25 22:18 - 000000000 ____D C:\FRST
2021-04-30 15:29 - 2015-09-02 18:48 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176085001-3363555415-2058170901-1001
2021-04-30 15:22 - 2019-01-30 17:30 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-30 15:22 - 2016-11-15 19:41 - 000000000 ____D C:\Users\uzivatel\AppData\LocalLow\Mozilla
2021-04-30 14:23 - 2020-11-15 14:10 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 14:23 - 2020-11-15 14:10 - 000002210 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-30 14:23 - 2020-11-15 14:10 - 000002210 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-30 14:18 - 2014-03-18 17:25 - 001246486 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-30 14:18 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-04-30 14:11 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-26 18:46 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-04-26 17:28 - 2020-11-15 14:09 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 17:28 - 2020-11-15 14:09 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-23 15:29 - 2017-06-30 22:07 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Mp3tag
2021-04-20 19:48 - 2017-09-24 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-20 19:48 - 2015-09-02 19:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-20 17:08 - 2015-09-02 19:09 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-17 18:25 - 2021-03-28 22:05 - 000000000 ____D C:\Users\uzivatel\Downloads\bicykel
2021-04-05 20:11 - 2016-06-12 11:14 - 000000000 ____D C:\Users\uzivatel\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2015-09-02 18:43 - 2019-10-27 20:27 - 000000125 _____ () C:\Users\uzivatel\AppData\Roaming\sp_data.sys
2015-10-01 15:42 - 2015-10-01 15:42 - 000000017 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-29 18:40
==================== End of FRST.txt ========================

Re: prosim kontrolu logu, dakujem

Napsal: 30 dub 2021 21:00
od talbott
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by uzivatel (30-04-2021 21:56:04)
Running from C:\Users\uzivatel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-09-02 16:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4176085001-3363555415-2058170901-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4176085001-3363555415-2058170901-501 - Limited - Disabled)
MSSQLSERVER00 (S-1-5-21-4176085001-3363555415-2058170901-1026 - Limited - Enabled)
MSSQLSERVER01 (S-1-5-21-4176085001-3363555415-2058170901-1027 - Limited - Enabled)
MSSQLSERVER02 (S-1-5-21-4176085001-3363555415-2058170901-1028 - Limited - Enabled)
MSSQLSERVER03 (S-1-5-21-4176085001-3363555415-2058170901-1029 - Limited - Enabled)
MSSQLSERVER04 (S-1-5-21-4176085001-3363555415-2058170901-1030 - Limited - Enabled)
MSSQLSERVER05 (S-1-5-21-4176085001-3363555415-2058170901-1031 - Limited - Enabled)
MSSQLSERVER06 (S-1-5-21-4176085001-3363555415-2058170901-1032 - Limited - Enabled)
MSSQLSERVER07 (S-1-5-21-4176085001-3363555415-2058170901-1033 - Limited - Enabled)
MSSQLSERVER08 (S-1-5-21-4176085001-3363555415-2058170901-1034 - Limited - Enabled)
MSSQLSERVER09 (S-1-5-21-4176085001-3363555415-2058170901-1035 - Limited - Enabled)
MSSQLSERVER10 (S-1-5-21-4176085001-3363555415-2058170901-1036 - Limited - Enabled)
MSSQLSERVER11 (S-1-5-21-4176085001-3363555415-2058170901-1037 - Limited - Enabled)
MSSQLSERVER12 (S-1-5-21-4176085001-3363555415-2058170901-1038 - Limited - Enabled)
MSSQLSERVER13 (S-1-5-21-4176085001-3363555415-2058170901-1039 - Limited - Enabled)
MSSQLSERVER14 (S-1-5-21-4176085001-3363555415-2058170901-1040 - Limited - Enabled)
MSSQLSERVER15 (S-1-5-21-4176085001-3363555415-2058170901-1041 - Limited - Enabled)
MSSQLSERVER16 (S-1-5-21-4176085001-3363555415-2058170901-1042 - Limited - Enabled)
MSSQLSERVER17 (S-1-5-21-4176085001-3363555415-2058170901-1043 - Limited - Enabled)
MSSQLSERVER18 (S-1-5-21-4176085001-3363555415-2058170901-1044 - Limited - Enabled)
MSSQLSERVER19 (S-1-5-21-4176085001-3363555415-2058170901-1045 - Limited - Enabled)
MSSQLSERVER20 (S-1-5-21-4176085001-3363555415-2058170901-1046 - Limited - Enabled)
SQLEXPRESS00 (S-1-5-21-4176085001-3363555415-2058170901-1004 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-4176085001-3363555415-2058170901-1005 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-4176085001-3363555415-2058170901-1006 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-4176085001-3363555415-2058170901-1007 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-4176085001-3363555415-2058170901-1008 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-4176085001-3363555415-2058170901-1009 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-4176085001-3363555415-2058170901-1010 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-4176085001-3363555415-2058170901-1011 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-4176085001-3363555415-2058170901-1012 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-4176085001-3363555415-2058170901-1013 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-4176085001-3363555415-2058170901-1014 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-4176085001-3363555415-2058170901-1015 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-4176085001-3363555415-2058170901-1016 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-4176085001-3363555415-2058170901-1017 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-4176085001-3363555415-2058170901-1018 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-4176085001-3363555415-2058170901-1019 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-4176085001-3363555415-2058170901-1020 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-4176085001-3363555415-2058170901-1021 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-4176085001-3363555415-2058170901-1022 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-4176085001-3363555415-2058170901-1023 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-4176085001-3363555415-2058170901-1024 - Limited - Enabled)
uzivatel (S-1-5-21-4176085001-3363555415-2058170901-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
AOMEI Partition Assistant 9.1 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI International Network Limited.)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.52.56 - Conexant)
f.lux (HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
FREE MSG File Viewer version 2.0 (HKLM-x32\...\{2D370F64-93D0-4731-B27B-35869AEEB460}_is1) (Version: 2.0 - SysTools Software)
Fritz 9 (HKLM-x32\...\{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1) (Version: 9.0 - US - ACTION, s.r.o.)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
ChessBase Reader (HKLM-x32\...\{DE1044D3-B7A3-45F0-AE4C-9F68BDD7B596}) (Version: 12.42.0.0 - ChessBase)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
ISODisk 1.1 (HKLM-x32\...\{BF731945-7AAD-45E3-A202-A60C9213915C}_is1) (Version: - ISODisk.com)
iTunes (HKLM\...\{1AF550CE-779C-4653-9B70-9E90799CEB1B}) (Version: 12.10.10.2 - Apple Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.51 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{58180BC0-0DA3-4341-A41F-9A3CF7207EE1}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
NCSS 97 (HKLM-x32\...\NCSS 97) (Version: - )
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
ProtonVPN (HKLM-x32\...\{FFAFEA09-E7DA-4710-A278-7F0506C96829}) (Version: 1.18.5 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.18.5) (Version: 1.18.5 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)
Real Time Relativity v1.6.0 (HKLM-x32\...\{0DFC5A30-1D57-4EF6-ABDA-C58C4DC1475B}) (Version: 1.6.0 - Australian National University)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
SQL Server 2017 Advanced Analytics (HKLM\...\{3471E30E-5FFC-4FB1-81BA-43060B3D2B42}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{36C9ADEE-91B0-4FFA-9CBA-9164CE6089D5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{CDFAD32A-7C67-44E2-B4FC-80F2D748A032}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{887B9993-3A2F-43B1-B7C1-B6CCF8B0D0FA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{EE93819A-0492-4720-8721-1D06BF78457F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{F3C3A536-BF8E-467A-8E33-4C508B8BC52F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.02 - NCH Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.23.178_x86__wk4d32h0cvhem [2014-11-16] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.0.6.0_neutral__3f5azkryzdbc4 [2014-11-16] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.14057.1_x86__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2015-11-07] (Rozšírenia platformy spoločnosti Microsoft)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.903.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.0.0.1002_x86__kzf8qxf38zg5c [2014-11-16] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.5_x86__kzf8qxf38zg5c [2014-11-16] (Skype)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2015-11-07] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.183.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-03-31] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
ShortcutWithArgument: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-03-27 21:50 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Pythonlauncher.dll
2020-03-27 21:33 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\RLauncher.dll
2018-03-28 17:22 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2018-03-28 17:11 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-28 18:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
HKU\S-1-5-21-4176085001-3363555415-2058170901-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00064B71-B157-4296-B557-1B5790C7A22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{CDC23CF8-26ED-4146-AF84-C61C5224D039}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{44EC8DD0-D4D8-4E65-88F4-A2B4ADC0F6A3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{D7FFF49A-1F52-4E26-B9A6-E4DA766FEC3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E23E35F-F8AE-4C90-8718-E7FD6017DAFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DC6AEFE-FF81-46D4-B274-D2F83EA419B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFB942CC-94F4-49FF-886F-CF2C62D91B98}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{C8B507A4-20ED-43EA-883A-52760D526974}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{F2D32F0B-74C1-4DD7-AB29-12339BE07A8A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D7B0550-C56E-46FD-BDCA-78FBB6749B16}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42BEFE17-0576-4BB0-9281-82B806FDF264}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F5DADB-311C-4209-A324-22437AB8B550}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C50432B7-A71F-4386-8DAB-66320D6406CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5906037-302B-494F-B7C4-547AEF751EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE10742C-392D-4081-A4B4-AE5D407D07F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EAC0EFC-D28E-4EBF-9057-5F852B5C2739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3281E48D-43E7-42AF-B558-92456C1170FF}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77EDDA08-40AF-44AA-A872-93B19B8A512E}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [{6ECF7D9C-214B-46A2-939D-E96C305ED9E2}] => (Allow) C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe => No File
FirewallRules: [TCP Query User{430F1CC7-79F0-4BF0-8065-BBD2B5884DD2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4BA4B603-A7AE-406B-874F-CADC2C8F3CCE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

==================== Restore Points =========================

14-04-2021 17:50:07 Scheduled Checkpoint
23-04-2021 19:01:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/30/2021 02:18:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/29/2021 06:24:23 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/28/2021 08:10:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/27/2021 07:37:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/27/2021 05:14:06 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/26/2021 05:25:39 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/25/2021 08:56:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (04/25/2021 05:05:16 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (04/30/2021 02:46:46 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (04/30/2021 02:46:16 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (04/30/2021 02:11:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/29/2021 06:41:16 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (04/29/2021 06:40:46 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (04/29/2021 06:16:58 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (04/29/2021 06:16:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (04/28/2021 08:02:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS


Windows Defender:
================
Date: 2021-04-04 09:17:00.482
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-14 13:23:01.441
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-08 18:00:20.465
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-06 10:26:27.806
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-05 22:59:34.263
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-30 19:03:30.700
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: Túto službu nie je možné spustiť v núdzovom režime.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2015-09-10 20:06:23.538
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byť kompatibilný.
Signature version: 1.179.381.0;1.179.381.0
Engine version: 1.1.10802.0

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LAB.210 08/25/2015
Motherboard: ASUSTeK COMPUTER INC. UX303LAB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 33%
Total physical RAM: 12190.62 MB
Available physical RAM: 8050.05 MB
Total Virtual: 14046.62 MB
Available Virtual: 9534.3 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:42.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:22.8 GB) NTFS

\\?\Volume{b977aa05-4b82-4de1-ac1d-0e7ff201f181}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 90842B2C)

Partition: GPT.

==================== End of Addition.txt =======================

Re: prosim kontrolu logu, dakujem

Napsal: 02 kvě 2021 02:24
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {4223C28F-64A5-43C8-8D34-57BCF79ABAB2} - System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GT Interactive\Driver\Config.exe" -d "C:\Program Files (x86)\GT Interactive\Driver"
U0 msahci; system32\drivers\msahci.sys [X]
S3 R-ImageDisk; \??\C:\Program Files (x86)\R-Studio\R-ImageDisk64.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]
2021-04-30 21:55 - 2021-04-30 21:55 - 000000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede

Re: prosim kontrolu logu, dakujem

Napsal: 04 kvě 2021 19:05
od talbott
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-04-2021
Ran by uzivatel (04-05-2021 20:03:15) Run:2
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & Administrator & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {4223C28F-64A5-43C8-8D34-57BCF79ABAB2} - System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GT Interactive\Driver\Config.exe" -d "C:\Program Files (x86)\GT Interactive\Driver"
U0 msahci; system32\drivers\msahci.sys [X]
S3 R-ImageDisk; \??\C:\Program Files (x86)\R-Studio\R-ImageDisk64.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]
2021-04-30 21:55 - 2021-04-30 21:55 - 000000000 ____D C:\Users\uzivatel\Desktop\FRST-OlderVersion
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 13
Average :
Sum : 10847911
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4223C28F-64A5-43C8-8D34-57BCF79ABAB2} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4223C28F-64A5-43C8-8D34-57BCF79ABAB2} => removed successfully
C:\Windows\System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DB60350E-319A-4774-8EFE-E29DBFE64664} => removed successfully
HKLM\System\CurrentControlSet\Services\msahci => removed successfully
msahci => service removed successfully
HKLM\System\CurrentControlSet\Services\R-ImageDisk => removed successfully
R-ImageDisk => service removed successfully
HKLM\System\CurrentControlSet\Services\VirtualDVD => removed successfully
VirtualDVD => service removed successfully
"C:\Users\uzivatel\Desktop\FRST-OlderVersion" => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11580558 B
Java, Flash, Steam htmlcache => 1168 B
Windows/system/drivers => 966610863 B
Edge => 0 B
Firefox => 24138518 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 62136 B
NetworkService => 566652 B
uzivatel => 100769532 B
Administrator => 100769532 B
SQLTELEMETRY$SQLEXPRESS => 100769532 B
SQLTELEMETRY => 100769532 B
MSSQLFDLauncher => 100769532 B
MSSQLLaunchpad => 100769532 B
MSSQL$SQLEXPRESS => 100769532 B
MSSQLSERVER => 100769532 B
MSSQLLaunchpad$SQLEXPRESS => 100769532 B
MSSQLFDLauncher$SQLEXPRESS => 100769532 B

RecycleBin => 0 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:03:31 ====

Re: prosim kontrolu logu, dakujem

Napsal: 04 kvě 2021 23:04
od Conder
Zopar drobnosti sme precistili, inak logy vyzeraju OK. Su s PC nejake problemy?

Re: prosim kontrolu logu, dakujem

Napsal: 08 kvě 2021 16:34
od talbott
Vyzera to byt bez problemov.
Dakujem.

Re: prosim kontrolu logu, dakujem

Napsal: 10 kvě 2021 01:44
od Conder
:arrow: Tak este upraceme po pouzitych nastrojoch:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz