VIRY.CZ

prosim o kontrolu pc,
podozrenie na vkladanie zavadoveho obsahu do emailov

log FRST:

FireFox:
========
FF DefaultProfile: 7h7ex4z3.default-1552668782976
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976 [2020-10-19]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\firefox@ghostery.com.xpi [2019-06-24]
FF Extension: (HTTPS Everywhere) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\https-everywhere@eff.org.xpi [2020-04-03]
FF Extension: (Privacy Badger) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-12-08]
FF Extension: (clean-youtube) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-06-19]
FF Extension: (uBlock Origin) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\uBlock0@raymondhill.net.xpi [2020-06-19]
FF Extension: (Adblock) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{2d7387e7-05cf-43c0-9096-8fd4699b0b11}.xpi [2020-06-19]
FF Extension: (NoScript) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-07-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-09] (Apple Inc. -> Apple Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [60592 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60592 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\launchpad.exe [1121464 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121464 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [130648 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S4 RsFx0500; C:\Windows\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [70656 2013-06-18] (Microsoft Windows -> Realtek)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-19 14:58 - 2020-10-19 15:02 - 000009629 _____ C:\Users\uzivatel\Desktop\FRST.txt
2020-10-13 19:06 - 2020-10-13 19:06 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-09-27 18:37 - 2020-09-27 18:37 - 000001091 _____ C:\Users\Administrator\Desktop\Wolfenstein (Multiplayer).lnk
2020-09-27 18:04 - 2020-09-29 19:55 - 000000000 ____D C:\Users\uzivatel\AppData\Local\ElevatedDiagnostics
2020-09-27 17:45 - 2020-09-27 17:48 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\windows95
2020-09-27 17:44 - 2020-09-27 17:45 - 000000000 ____D C:\Users\uzivatel\AppData\Local\SquirrelTemp
2020-09-22 20:29 - 2020-09-22 20:29 - 000001761 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-09-22 20:29 - 2020-09-22 20:29 - 000001761 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\Program Files\iTunes
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\Program Files\iPod

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-19 15:02 - 2017-07-25 22:18 - 000000000 ____D C:\FRST
2020-10-19 14:58 - 2020-04-09 22:13 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-19 14:58 - 2020-04-09 22:13 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-19 14:58 - 2017-10-03 19:38 - 002299904 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2020-10-19 14:58 - 2014-03-18 17:25 - 001243990 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-19 14:58 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-19 14:51 - 2016-11-15 19:41 - 000000000 ____D C:\Users\uzivatel\AppData\LocalLow\Mozilla
2020-10-19 14:51 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-17 21:24 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-17 20:48 - 2015-09-02 18:48 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176085001-3363555415-2058170901-1001
2020-10-17 12:26 - 2020-04-09 22:14 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-17 12:26 - 2020-04-09 22:14 - 000002210 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-17 12:26 - 2020-04-09 22:14 - 000002210 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-14 18:58 - 2017-09-24 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-14 18:58 - 2015-09-02 19:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-13 19:06 - 2015-09-02 19:09 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-08 06:50 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-06 17:49 - 2019-07-07 17:04 - 000000000 ____D C:\Program Files\Recuva
2020-10-06 17:44 - 2015-09-02 18:42 - 000000000 ____D C:\Users\uzivatel
2020-09-27 18:40 - 2020-04-09 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2020-09-27 18:40 - 2020-04-09 22:15 - 000000600 _____ C:\Windows\Rtcw.INI
2020-09-27 18:27 - 2020-04-15 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein DEMO
2020-09-27 18:03 - 2016-06-12 11:14 - 000000000 ____D C:\Users\uzivatel\AppData\Local\CrashDumps
2020-09-27 17:52 - 2020-04-07 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSS 97
2020-09-27 17:52 - 2020-04-07 22:46 - 000000000 ____D C:\Program Files (x86)\NCSS97
2020-09-27 17:50 - 2019-11-27 21:07 - 000001391 _____ C:\Windows\WINTRAN.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000546 _____ C:\Windows\WDICT32.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000065 _____ C:\Windows\STXKBD.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000013 _____ C:\Windows\WTRDCTM.INI
2020-09-25 15:58 - 2019-01-30 17:30 - 000000000 ____D C:\ProgramData\Mozilla

==================== Files in the root of some directories ========

2015-09-02 18:43 - 2019-10-27 20:27 - 000000125 _____ () C:\Users\uzivatel\AppData\Roaming\sp_data.sys
2015-10-01 15:42 - 2015-10-01 15:42 - 000000017 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-10-18 10:51
==================== End of FRST.txt ========================

addition txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by uzivatel (19-10-2020 15:02:59)
Running from C:\Users\uzivatel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-09-02 16:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4176085001-3363555415-2058170901-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4176085001-3363555415-2058170901-501 - Limited - Disabled)
MSSQLSERVER00 (S-1-5-21-4176085001-3363555415-2058170901-1026 - Limited - Enabled)
MSSQLSERVER01 (S-1-5-21-4176085001-3363555415-2058170901-1027 - Limited - Enabled)
MSSQLSERVER02 (S-1-5-21-4176085001-3363555415-2058170901-1028 - Limited - Enabled)
MSSQLSERVER03 (S-1-5-21-4176085001-3363555415-2058170901-1029 - Limited - Enabled)
MSSQLSERVER04 (S-1-5-21-4176085001-3363555415-2058170901-1030 - Limited - Enabled)
MSSQLSERVER05 (S-1-5-21-4176085001-3363555415-2058170901-1031 - Limited - Enabled)
MSSQLSERVER06 (S-1-5-21-4176085001-3363555415-2058170901-1032 - Limited - Enabled)
MSSQLSERVER07 (S-1-5-21-4176085001-3363555415-2058170901-1033 - Limited - Enabled)
MSSQLSERVER08 (S-1-5-21-4176085001-3363555415-2058170901-1034 - Limited - Enabled)
MSSQLSERVER09 (S-1-5-21-4176085001-3363555415-2058170901-1035 - Limited - Enabled)
MSSQLSERVER10 (S-1-5-21-4176085001-3363555415-2058170901-1036 - Limited - Enabled)
MSSQLSERVER11 (S-1-5-21-4176085001-3363555415-2058170901-1037 - Limited - Enabled)
MSSQLSERVER12 (S-1-5-21-4176085001-3363555415-2058170901-1038 - Limited - Enabled)
MSSQLSERVER13 (S-1-5-21-4176085001-3363555415-2058170901-1039 - Limited - Enabled)
MSSQLSERVER14 (S-1-5-21-4176085001-3363555415-2058170901-1040 - Limited - Enabled)
MSSQLSERVER15 (S-1-5-21-4176085001-3363555415-2058170901-1041 - Limited - Enabled)
MSSQLSERVER16 (S-1-5-21-4176085001-3363555415-2058170901-1042 - Limited - Enabled)
MSSQLSERVER17 (S-1-5-21-4176085001-3363555415-2058170901-1043 - Limited - Enabled)
MSSQLSERVER18 (S-1-5-21-4176085001-3363555415-2058170901-1044 - Limited - Enabled)
MSSQLSERVER19 (S-1-5-21-4176085001-3363555415-2058170901-1045 - Limited - Enabled)
MSSQLSERVER20 (S-1-5-21-4176085001-3363555415-2058170901-1046 - Limited - Enabled)
SQLEXPRESS00 (S-1-5-21-4176085001-3363555415-2058170901-1004 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-4176085001-3363555415-2058170901-1005 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-4176085001-3363555415-2058170901-1006 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-4176085001-3363555415-2058170901-1007 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-4176085001-3363555415-2058170901-1008 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-4176085001-3363555415-2058170901-1009 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-4176085001-3363555415-2058170901-1010 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-4176085001-3363555415-2058170901-1011 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-4176085001-3363555415-2058170901-1012 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-4176085001-3363555415-2058170901-1013 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-4176085001-3363555415-2058170901-1014 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-4176085001-3363555415-2058170901-1015 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-4176085001-3363555415-2058170901-1016 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-4176085001-3363555415-2058170901-1017 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-4176085001-3363555415-2058170901-1018 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-4176085001-3363555415-2058170901-1019 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-4176085001-3363555415-2058170901-1020 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-4176085001-3363555415-2058170901-1021 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-4176085001-3363555415-2058170901-1022 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-4176085001-3363555415-2058170901-1023 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-4176085001-3363555415-2058170901-1024 - Limited - Enabled)
uzivatel (S-1-5-21-4176085001-3363555415-2058170901-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Apple Mobile Device Support (HKLM\...\{2504ACC6-F5B6-4F18-B4A9-2AAF48D89D85}) (Version: 14.0.0.29 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.52.56 - Conexant)
f.lux (HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
FREE MSG File Viewer version 2.0 (HKLM-x32\...\{2D370F64-93D0-4731-B27B-35869AEEB460}_is1) (Version: 2.0 - SysTools Software)
Fritz 9 (HKLM-x32\...\{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1) (Version: 9.0 - US - ACTION, s.r.o.)
ChessBase Reader (HKLM-x32\...\{DE1044D3-B7A3-45F0-AE4C-9F68BDD7B596}) (Version: 12.42.0.0 - ChessBase)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
ISODisk 1.1 (HKLM-x32\...\{BF731945-7AAD-45E3-A202-A60C9213915C}_is1) (Version: - ISODisk.com)
iTunes (HKLM\...\{E5053BC7-E8F4-4D28-A47F-C448084306A3}) (Version: 12.10.9.3 - Apple Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.43 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.49 - )
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{76CF9EF4-ABA0-484E-8042-12B99499AF5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{216778FC-CC9A-4D47-AF5E-8223A37626D4}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{405252DC-ADF7-4BC8-95F5-F89DE513DD62}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 81.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.2 (x64 en-US)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
NCSS 97 (HKLM-x32\...\NCSS 97) (Version: - )
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SQL Server 2017 Advanced Analytics (HKLM\...\{3471E30E-5FFC-4FB1-81BA-43060B3D2B42}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{36C9ADEE-91B0-4FFA-9CBA-9164CE6089D5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{CDFAD32A-7C67-44E2-B4FC-80F2D748A032}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{887B9993-3A2F-43B1-B7C1-B6CCF8B0D0FA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{EE93819A-0492-4720-8721-1D06BF78457F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{F3C3A536-BF8E-467A-8E33-4C508B8BC52F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.02 - NCH Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.23.178_x86__wk4d32h0cvhem [2014-11-16] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.0.6.0_neutral__3f5azkryzdbc4 [2014-11-16] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.14057.1_x86__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2015-11-07] (Rozšírenia platformy spoločnosti Microsoft)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.903.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.0.0.1002_x86__kzf8qxf38zg5c [2014-11-16] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.5_x86__kzf8qxf38zg5c [2014-11-16] (Skype)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2015-11-07] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.183.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-03-31] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

==================== Loaded Modules (Whitelisted) =============

2020-02-01 19:43 - 2008-04-19 18:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2020-02-01 19:43 - 2005-02-08 18:23 - 000979005 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\python23.dll
2020-02-01 19:43 - 2004-05-25 22:17 - 000622651 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2020-02-01 19:43 - 2004-01-15 15:45 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000049212 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000057401 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000495616 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2020-02-01 19:43 - 2004-05-25 22:20 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2020-02-01 19:43 - 2004-05-25 22:19 - 000045117 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2020-02-01 19:43 - 2003-08-10 10:14 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2020-02-01 19:43 - 2004-10-11 21:22 - 000315392 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2020-02-01 19:43 - 2004-10-11 21:21 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2020-02-01 19:43 - 2004-11-20 04:27 - 000106496 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\shell.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000069632 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000077824 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000086016 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000065536 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2020-02-01 19:43 - 2003-10-01 14:40 - 002240512 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2020-02-01 19:43 - 2003-10-01 12:43 - 003239936 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2020-03-27 21:50 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Pythonlauncher.dll
2020-03-27 21:33 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\RLauncher.dll
2018-03-28 17:22 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2018-03-28 17:11 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll
2015-12-19 14:44 - 2015-12-19 14:44 - 000401920 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-28 18:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00064B71-B157-4296-B557-1B5790C7A22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{CDC23CF8-26ED-4146-AF84-C61C5224D039}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{44EC8DD0-D4D8-4E65-88F4-A2B4ADC0F6A3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{D7FFF49A-1F52-4E26-B9A6-E4DA766FEC3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E23E35F-F8AE-4C90-8718-E7FD6017DAFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DC6AEFE-FF81-46D4-B274-D2F83EA419B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFB942CC-94F4-49FF-886F-CF2C62D91B98}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{C8B507A4-20ED-43EA-883A-52760D526974}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{F2D32F0B-74C1-4DD7-AB29-12339BE07A8A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D7B0550-C56E-46FD-BDCA-78FBB6749B16}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42BEFE17-0576-4BB0-9281-82B806FDF264}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F5DADB-311C-4209-A324-22437AB8B550}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C50432B7-A71F-4386-8DAB-66320D6406CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5906037-302B-494F-B7C4-547AEF751EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE10742C-392D-4081-A4B4-AE5D407D07F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EAC0EFC-D28E-4EBF-9057-5F852B5C2739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD039779-E73C-4409-89F6-7909AD4C7CC4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0E11D40A-3883-46FC-B516-3808ED6D0063}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [UDP Query User{2D87C5AE-E4D0-4B36-8141-55AD2039E2A8}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [TCP Query User{214613AF-51F7-42A3-91B8-8F79BE9A3563}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [UDP Query User{5C7B146C-BDE2-4E1C-9898-3CC4F91C80E4}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [TCP Query User{F9257C3C-C199-47E8-A903-FEEEE6F0C48F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
FirewallRules: [UDP Query User{C6A12FF6-A375-48FE-9FE0-50A53AAF4ECC}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File

==================== Restore Points =========================

24-09-2020 18:19:21 Scheduled Checkpoint
08-10-2020 17:21:35 Scheduled Checkpoint
18-10-2020 10:50:21 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/19/2020 02:58:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/18/2020 10:47:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/18/2020 09:45:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/17/2020 12:24:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/16/2020 05:36:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/15/2020 07:32:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/15/2020 07:37:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/14/2020 07:06:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (10/19/2020 02:51:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (10/18/2020 10:14:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (MSSQLSERVER) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/18/2020 10:14:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (SQLEXPRESS) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/18/2020 10:52:25 AM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (10/18/2020 10:51:58 AM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (10/18/2020 09:38:32 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (10/18/2020 09:38:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (10/17/2020 12:47:19 PM) (Source: DCOM) (EventID: 10010) (User: Zero1)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2020-10-10 18:02:38.227
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D18FD7D2-6DAC-4BA3-BDBD-A30CDC832584}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-30 22:28:59.219
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {DA889D20-A639-475A-AB5C-335FBDB6E1FE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-15 14:56:01.410
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {24D19263-F799-4B36-9EBC-4BE5C32CEBC1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-02 20:47:55.773
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {882A88B0-33C6-40CE-91C6-E1632F411C94}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-22 08:35:37.500
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {FE7B7AA5-2CBD-4333-936B-49219F853517}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-30 19:03:30.700
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: Túto službu nie je možné spustit v núdzovom režime.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2015-09-10 20:06:23.538
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byt kompatibilný.
Signature version: 1.179.381.0;1.179.381.0
Engine version: 1.1.10802.0

CodeIntegrity:
===================================

Date: 2020-10-18 10:51:44.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-17 12:46:35.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-13 22:02:31.217
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-11 16:25:54.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-10 16:32:50.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-08 16:35:34.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-01 18:47:38.520
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-30 22:24:53.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LAB.210 08/25/2015
Motherboard: ASUSTeK COMPUTER INC. UX303LAB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 12190.62 MB
Available physical RAM: 8540.29 MB
Total Virtual: 14046.62 MB
Available Virtual: 9844.6 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:45.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:93.58 GB) NTFS

\\?\Volume{b977aa05-4b82-4de1-ac1d-0e7ff201f181}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 90842B2C)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-19-2020
# Duration: 00:00:01
# OS: Windows 8.1 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [31614 octets] - [27/10/2019 19:33:40]
AdwCleaner[S00].txt - [3840 octets] - [27/10/2019 19:34:06]
AdwCleaner[C00].txt - [4287 octets] - [27/10/2019 19:36:09]
AdwCleaner[S01].txt - [1911 octets] - [29/04/2020 20:19:59]
AdwCleaner[C01].txt - [1964 octets] - [29/04/2020 20:20:20]
AdwCleaner[S02].txt - [1756 octets] - [19/10/2020 18:18:29]
AdwCleaner[S03].txt - [1817 octets] - [19/10/2020 18:19:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Dejte nové logy FRST+Addition.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020
Ran by uzivatel (administrator) on ZERO1 (ASUSTeK COMPUTER INC. UX303LAB) (19-10-2020 18:58:02)
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(alch) [File not signed] C:\Program Files (x86)\ClamWin\bin\ClamTray.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-09-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2018-03-03] (alch) [File not signed]
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [f.lux] => C:\Users\uzivatel\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-03-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\ACTUAL~1.SCR [111616 2017-06-21] () [File not signed]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2020-01-17]
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E42491B-FF4F-4072-9C31-8EEBDCD06FF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F3766D5-FDA3-405E-94DE-11D8CC033CB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-12] (Adobe Inc. -> Adobe)
Task: {27A7C62D-CEA7-4907-BF93-9423C61D6BD7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {373B82C6-0C6A-4000-9629-06576883574D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {4223C28F-64A5-43C8-8D34-57BCF79ABAB2} - System32\Tasks\{DB60350E-319A-4774-8EFE-E29DBFE64664} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GT Interactive\Driver\Config.exe" -d "C:\Program Files (x86)\GT Interactive\Driver"
Task: {5DDC1DD5-0FB0-4743-A658-062CADB882D4} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19853392 2014-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {7C763278-5DF2-4D86-8BBA-8C0119183B01} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-10-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {8F828BE9-8F00-4753-89D6-CD6A2D78E879} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {9E18FA8E-0FFE-4F8F-92DC-689D5B0D42CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACEA0C20-FAEA-4FA3-A2E3-901FC34C7AD5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {B38F889E-7831-48F1-B170-90F04B0841FE} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {D54DF9DB-019F-4075-A408-0658B53598D0} - System32\Tasks\{C01FDCB7-76D8-42C6-BA18-7BC5F6149E70} => C:\Windows\system32\pcalua.exe -a "E:\Robo\_games\Duke_3d_atomic\duke nukem 3d atomic edition for windows.exe" -d E:\Robo\_games\Duke_3d_atomic
Task: {E134A771-90AD-4CE4-8C0C-5C817A81A772} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [120632 2014-06-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F8DC1AF1-F03D-425D-B9C2-C43C7F495DFA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{084947B4-F59C-4536-B3F9-4A4859CEA09A}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{AE1B6697-3F17-41CD-9040-9266881E316F}: [DhcpNameServer] 192.168.100.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-12]

FireFox:
========
FF DefaultProfile: 7h7ex4z3.default-1552668782976
FF ProfilePath: C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976 [2020-10-19]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\firefox@ghostery.com.xpi [2019-06-24]
FF Extension: (HTTPS Everywhere) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\https-everywhere@eff.org.xpi [2020-04-03]
FF Extension: (Privacy Badger) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2019-12-08]
FF Extension: (clean-youtube) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-06-19]
FF Extension: (uBlock Origin) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\uBlock0@raymondhill.net.xpi [2020-06-19]
FF Extension: (Adblock) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{2d7387e7-05cf-43c0-9096-8fd4699b0b11}.xpi [2020-06-19]
FF Extension: (NoScript) - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7h7ex4z3.default-1552668782976\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-07-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-09] (Apple Inc. -> Apple Inc.)
R2 ibtsiva.exe; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [121288 2014-08-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [394184 2014-10-15] (Intel(R) Wireless Display -> Intel)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [60592 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60592 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\launchpad.exe [1121464 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121464 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-11-21] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [130648 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
S1 ISODisk; C:\Windows\SysWow64\Drivers\ISODisk.sys [9600 2006-04-26] () [File not signed]
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S4 RsFx0500; C:\Windows\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 RTLU3E8023-W8-64; C:\Windows\system32\DRIVERS\rtu30x64w8.sys [70656 2013-06-18] (Microsoft Windows -> Realtek)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2014-11-05] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [213296 2014-10-15] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237312 2020-02-19] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 VirtualDVD; \SystemRoot\system32\DRIVERS\VirtualDVD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-19 18:17 - 2020-10-19 18:17 - 008447152 _____ (Malwarebytes) C:\Users\uzivatel\Desktop\adwcleaner_8.0.8.exe
2020-10-19 16:35 - 2020-10-19 16:35 - 034667768 _____ (Microsoft Corporation) C:\Users\uzivatel\Downloads\Windows-KB890830-x64-V5.83.exe
2020-10-19 15:02 - 2020-10-19 15:03 - 000051402 _____ C:\Users\uzivatel\Desktop\Addition.txt
2020-10-19 14:58 - 2020-10-19 18:58 - 000020948 _____ C:\Users\uzivatel\Desktop\FRST.txt
2020-10-13 19:06 - 2020-10-13 19:06 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-10-10 15:00 - 2020-10-10 15:00 - 012764344 _____ C:\Users\uzivatel\Downloads\SPV_UaSC_SK.pdf
2020-09-27 18:37 - 2020-09-27 18:37 - 000001091 _____ C:\Users\Administrator\Desktop\Wolfenstein (Multiplayer).lnk
2020-09-27 18:04 - 2020-09-29 19:55 - 000000000 ____D C:\Users\uzivatel\AppData\Local\ElevatedDiagnostics
2020-09-27 17:45 - 2020-09-27 17:48 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\windows95
2020-09-27 17:44 - 2020-09-27 17:45 - 000000000 ____D C:\Users\uzivatel\AppData\Local\SquirrelTemp
2020-09-22 20:29 - 2020-09-22 20:29 - 000001761 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-09-22 20:29 - 2020-09-22 20:29 - 000001761 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\Program Files\iTunes
2020-09-22 20:29 - 2020-09-22 20:29 - 000000000 ____D C:\Program Files\iPod

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-19 18:58 - 2017-07-25 22:18 - 000000000 ____D C:\FRST
2020-10-19 18:29 - 2016-11-15 19:41 - 000000000 ____D C:\Users\uzivatel\AppData\LocalLow\Mozilla
2020-10-19 18:28 - 2014-03-18 17:25 - 001243990 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-19 18:28 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2020-10-19 18:27 - 2020-04-09 22:13 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-19 18:27 - 2020-04-09 22:13 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-19 18:20 - 2014-11-16 08:55 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-10-19 18:20 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-19 17:08 - 2015-09-05 11:54 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-10-19 14:58 - 2017-10-03 19:38 - 002299904 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2020-10-17 21:24 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2020-10-17 20:48 - 2015-09-02 18:48 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4176085001-3363555415-2058170901-1001
2020-10-17 12:26 - 2020-04-09 22:14 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-17 12:26 - 2020-04-09 22:14 - 000002210 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-17 12:26 - 2020-04-09 22:14 - 000002210 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-14 18:58 - 2017-09-24 19:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-14 18:58 - 2015-09-02 19:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-13 19:06 - 2015-09-02 19:09 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-08 06:50 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2020-10-06 17:49 - 2019-07-07 17:04 - 000000000 ____D C:\Program Files\Recuva
2020-10-06 17:44 - 2015-09-02 18:42 - 000000000 ____D C:\Users\uzivatel
2020-09-27 18:40 - 2020-04-09 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein
2020-09-27 18:40 - 2020-04-09 22:15 - 000000600 _____ C:\Windows\Rtcw.INI
2020-09-27 18:27 - 2020-04-15 20:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Return to Castle Wolfenstein DEMO
2020-09-27 18:03 - 2016-06-12 11:14 - 000000000 ____D C:\Users\uzivatel\AppData\Local\CrashDumps
2020-09-27 17:52 - 2020-04-07 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSS 97
2020-09-27 17:52 - 2020-04-07 22:46 - 000000000 ____D C:\Program Files (x86)\NCSS97
2020-09-27 17:50 - 2019-11-27 21:07 - 000001391 _____ C:\Windows\WINTRAN.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000546 _____ C:\Windows\WDICT32.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000065 _____ C:\Windows\STXKBD.INI
2020-09-27 17:50 - 2019-11-27 21:07 - 000000013 _____ C:\Windows\WTRDCTM.INI
2020-09-25 15:58 - 2019-01-30 17:30 - 000000000 ____D C:\ProgramData\Mozilla

==================== Files in the root of some directories ========

2015-09-02 18:43 - 2019-10-27 20:27 - 000000125 _____ () C:\Users\uzivatel\AppData\Roaming\sp_data.sys
2015-10-01 15:42 - 2015-10-01 15:42 - 000000017 _____ () C:\Users\uzivatel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-10-18 10:51
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by uzivatel (19-10-2020 18:58:53)
Running from C:\Users\uzivatel\Desktop
Windows 8.1 Pro (Update) (X64) (2015-09-02 16:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4176085001-3363555415-2058170901-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-4176085001-3363555415-2058170901-501 - Limited - Disabled)
MSSQLSERVER00 (S-1-5-21-4176085001-3363555415-2058170901-1026 - Limited - Enabled)
MSSQLSERVER01 (S-1-5-21-4176085001-3363555415-2058170901-1027 - Limited - Enabled)
MSSQLSERVER02 (S-1-5-21-4176085001-3363555415-2058170901-1028 - Limited - Enabled)
MSSQLSERVER03 (S-1-5-21-4176085001-3363555415-2058170901-1029 - Limited - Enabled)
MSSQLSERVER04 (S-1-5-21-4176085001-3363555415-2058170901-1030 - Limited - Enabled)
MSSQLSERVER05 (S-1-5-21-4176085001-3363555415-2058170901-1031 - Limited - Enabled)
MSSQLSERVER06 (S-1-5-21-4176085001-3363555415-2058170901-1032 - Limited - Enabled)
MSSQLSERVER07 (S-1-5-21-4176085001-3363555415-2058170901-1033 - Limited - Enabled)
MSSQLSERVER08 (S-1-5-21-4176085001-3363555415-2058170901-1034 - Limited - Enabled)
MSSQLSERVER09 (S-1-5-21-4176085001-3363555415-2058170901-1035 - Limited - Enabled)
MSSQLSERVER10 (S-1-5-21-4176085001-3363555415-2058170901-1036 - Limited - Enabled)
MSSQLSERVER11 (S-1-5-21-4176085001-3363555415-2058170901-1037 - Limited - Enabled)
MSSQLSERVER12 (S-1-5-21-4176085001-3363555415-2058170901-1038 - Limited - Enabled)
MSSQLSERVER13 (S-1-5-21-4176085001-3363555415-2058170901-1039 - Limited - Enabled)
MSSQLSERVER14 (S-1-5-21-4176085001-3363555415-2058170901-1040 - Limited - Enabled)
MSSQLSERVER15 (S-1-5-21-4176085001-3363555415-2058170901-1041 - Limited - Enabled)
MSSQLSERVER16 (S-1-5-21-4176085001-3363555415-2058170901-1042 - Limited - Enabled)
MSSQLSERVER17 (S-1-5-21-4176085001-3363555415-2058170901-1043 - Limited - Enabled)
MSSQLSERVER18 (S-1-5-21-4176085001-3363555415-2058170901-1044 - Limited - Enabled)
MSSQLSERVER19 (S-1-5-21-4176085001-3363555415-2058170901-1045 - Limited - Enabled)
MSSQLSERVER20 (S-1-5-21-4176085001-3363555415-2058170901-1046 - Limited - Enabled)
SQLEXPRESS00 (S-1-5-21-4176085001-3363555415-2058170901-1004 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-4176085001-3363555415-2058170901-1005 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-4176085001-3363555415-2058170901-1006 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-4176085001-3363555415-2058170901-1007 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-4176085001-3363555415-2058170901-1008 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-4176085001-3363555415-2058170901-1009 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-4176085001-3363555415-2058170901-1010 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-4176085001-3363555415-2058170901-1011 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-4176085001-3363555415-2058170901-1012 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-4176085001-3363555415-2058170901-1013 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-4176085001-3363555415-2058170901-1014 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-4176085001-3363555415-2058170901-1015 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-4176085001-3363555415-2058170901-1016 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-4176085001-3363555415-2058170901-1017 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-4176085001-3363555415-2058170901-1018 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-4176085001-3363555415-2058170901-1019 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-4176085001-3363555415-2058170901-1020 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-4176085001-3363555415-2058170901-1021 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-4176085001-3363555415-2058170901-1022 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-4176085001-3363555415-2058170901-1023 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-4176085001-3363555415-2058170901-1024 - Limited - Enabled)
uzivatel (S-1-5-21-4176085001-3363555415-2058170901-1001 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Apple Mobile Device Support (HKLM\...\{2504ACC6-F5B6-4F18-B4A9-2AAF48D89D85}) (Version: 14.0.0.29 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.31 - ICEpower a/s)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
ClamWin Free Antivirus 0.99.4 (HKLM-x32\...\ClamWin Free Antivirus_is1) (Version: - alch)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.52.56 - Conexant)
f.lux (HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\Flux) (Version: - f.lux Software LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
FREE MSG File Viewer version 2.0 (HKLM-x32\...\{2D370F64-93D0-4731-B27B-35869AEEB460}_is1) (Version: 2.0 - SysTools Software)
Fritz 9 (HKLM-x32\...\{4FAA46FA-D8C1-488C-A979-83F41BB1E1DA}_is1) (Version: 9.0 - US - ACTION, s.r.o.)
ChessBase Reader (HKLM-x32\...\{DE1044D3-B7A3-45F0-AE4C-9F68BDD7B596}) (Version: 12.42.0.0 - ChessBase)
iCloud (HKLM\...\{A3616230-EF97-44F3-83D3-1AE29DC639D3}) (Version: 7.18.0.22 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{2B8326B6-4202-4239-B9A9-F3EC8812E82D}) (Version: 10.0.03917 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4013 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{2F97FBC6-7992-4DF7-A7C7-B68455E307F7}) (Version: 5.1.20.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c78a13fd-4324-4ddb-a613-746d2461441d}) (Version: 17.13.1 - Intel Corporation)
ISODisk 1.1 (HKLM-x32\...\{BF731945-7AAD-45E3-A202-A60C9213915C}_is1) (Version: - ISODisk.com)
iTunes (HKLM\...\{E5053BC7-E8F4-4D28-A47F-C448084306A3}) (Version: 12.10.9.3 - Apple Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.43 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.49 - )
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{76CF9EF4-ABA0-484E-8042-12B99499AF5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{216778FC-CC9A-4D47-AF5E-8223A37626D4}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{405252DC-ADF7-4BC8-95F5-F89DE513DD62}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.5.2059.317 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
MiniTool Power Data Recovery (HKLM-x32\...\MiniTool Power Data Recovery_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 81.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.2 (x64 en-US)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
NCSS 97 (HKLM-x32\...\NCSS 97) (Version: - )
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{9738288C-21BC-4F54-AB4F-72F059339376}) (Version: 8.6 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{DEB339C1-2687-43AB-816A-8714F3E26846}) (Version: 8.6 - Apple Inc.)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SQL Server 2017 Advanced Analytics (HKLM\...\{3471E30E-5FFC-4FB1-81BA-43060B3D2B42}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{36C9ADEE-91B0-4FFA-9CBA-9164CE6089D5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{CDFAD32A-7C67-44E2-B4FC-80F2D748A032}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{887B9993-3A2F-43B1-B7C1-B6CCF8B0D0FA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{EE93819A-0492-4720-8721-1D06BF78457F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{F3C3A536-BF8E-467A-8E33-4C508B8BC52F}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SWF File Player (HKLM-x32\...\{6A86F611-906C-422D-B34A-103662CBC195}_is1) (Version: - swffileplayer.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 8.02 - NCH Software)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.23.178_x86__wk4d32h0cvhem [2014-11-16] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.0.6.0_neutral__3f5azkryzdbc4 [2014-11-16] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.14057.1_x86__8wekyb3d8bbwe [2015-09-02] (Microsoft Corporation)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2015-11-07] (Rozšírenia platformy spoločnosti Microsoft)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2015-11-07] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.2.903.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]
mxtest2 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.mxtest2_2.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.0.0.1002_x86__kzf8qxf38zg5c [2014-11-16] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.5_x86__kzf8qxf38zg5c [2014-11-16] (Skype)
Test_Framework_BP_052015 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBP052015_1.0.0.9_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Test_Framework_win81appxneutral_061115 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkwin81appxneutral06_4.0.0.7_neutral__x35ns48czryn0 [2015-11-07] (M1DF_Mmengesha)
Test_FrameworkBackpublish_050515 -> C:\Program Files\WindowsApps\24712m1dfmmengesha.TestFrameworkBackpublish050515_1.0.0.0_neutral__x35ns48czryn0 [2015-11-07] (m1df_mmengesha)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.183.0_x64__8wekyb3d8bbwe [2015-05-13] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PeContextMenuExtension] -> {098A124A-AA1C-38C8-A65E-D1199A14516A} => C:\Program Files (x86)\Common Files\Wondershare\PDFelement\AddIns\PEShellExt_x64.dll [2020-03-31] (Wondershare Technology Co.,Ltd -> Wondershare)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-03-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-12-19] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ClamWin] -> {65713842-C410-4f44-8383-BFE01A398C90} => C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll [2008-04-19] () [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\uzivatel\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm

==================== Loaded Modules (Whitelisted) =============

2020-02-01 19:43 - 2008-04-19 18:35 - 000080384 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\ExpShell64.dll
2020-02-01 19:43 - 2005-02-08 18:23 - 000979005 _____ () [File not signed] C:\Program Files (x86)\ClamWin\bin\python23.dll
2020-02-01 19:43 - 2004-05-25 22:17 - 000622651 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_bsddb.pyd
2020-02-01 19:43 - 2004-01-15 15:45 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ctypes.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000049212 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_socket.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000057401 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_sre.pyd
2020-02-01 19:43 - 2004-05-25 22:18 - 000495616 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_ssl.pyd
2020-02-01 19:43 - 2004-05-25 22:20 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\_winreg.pyd
2020-02-01 19:43 - 2004-05-25 22:19 - 000045117 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\datetime.pyd
2020-02-01 19:43 - 2003-08-10 10:14 - 000061440 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\mxDateTime.pyd
2020-02-01 19:43 - 2004-10-11 21:22 - 000315392 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pythoncom23.dll
2020-02-01 19:43 - 2004-10-11 21:21 - 000094208 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\pywintypes23.dll
2020-02-01 19:43 - 2004-11-20 04:27 - 000106496 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\shell.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000069632 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32api.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32event.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000077824 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32file.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000086016 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32gui.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000024576 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32pipe.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000036864 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32process.pyd
2020-02-01 19:43 - 2004-11-20 04:27 - 000065536 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\win32security.pyd
2020-02-01 19:43 - 2003-10-01 14:40 - 002240512 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxc.pyd
2020-02-01 19:43 - 2003-10-01 12:43 - 003239936 _____ () [File not signed] C:\Program Files (x86)\ClamWin\lib\wxmsw24h.dll
2020-03-27 21:50 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\Pythonlauncher.dll
2020-03-27 21:33 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\RLauncher.dll
2018-03-28 17:22 - 2017-08-24 03:13 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2018-03-28 17:11 - 2017-08-24 03:12 - 000954368 _____ () [File not signed] C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll
2015-12-19 14:44 - 2015-12-19 14:44 - 000401920 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-04-28 18:57 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-4176085001-3363555415-2058170901-1001\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{00064B71-B157-4296-B557-1B5790C7A22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{CDC23CF8-26ED-4146-AF84-C61C5224D039}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{44EC8DD0-D4D8-4E65-88F4-A2B4ADC0F6A3}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{D7FFF49A-1F52-4E26-B9A6-E4DA766FEC3D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8E23E35F-F8AE-4C90-8718-E7FD6017DAFA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D2482C71-4345-456B-ACFC-6B5C63FE7E7E}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{AF2D4A39-57B3-4979-B349-58FCB38A6E6A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1DC6AEFE-FF81-46D4-B274-D2F83EA419B9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CFB942CC-94F4-49FF-886F-CF2C62D91B98}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{C8B507A4-20ED-43EA-883A-52760D526974}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{F2D32F0B-74C1-4DD7-AB29-12339BE07A8A}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D7B0550-C56E-46FD-BDCA-78FBB6749B16}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{42BEFE17-0576-4BB0-9281-82B806FDF264}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7F5DADB-311C-4209-A324-22437AB8B550}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C50432B7-A71F-4386-8DAB-66320D6406CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5906037-302B-494F-B7C4-547AEF751EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE10742C-392D-4081-A4B4-AE5D407D07F0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3EAC0EFC-D28E-4EBF-9057-5F852B5C2739}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD039779-E73C-4409-89F6-7909AD4C7CC4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0E11D40A-3883-46FC-B516-3808ED6D0063}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [UDP Query User{2D87C5AE-E4D0-4B36-8141-55AD2039E2A8}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [TCP Query User{214613AF-51F7-42A3-91B8-8F79BE9A3563}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [UDP Query User{5C7B146C-BDE2-4E1C-9898-3CC4F91C80E4}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [TCP Query User{F9257C3C-C199-47E8-A903-FEEEE6F0C48F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
FirewallRules: [UDP Query User{C6A12FF6-A375-48FE-9FE0-50A53AAF4ECC}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File

==================== Restore Points =========================

24-09-2020 18:19:21 Scheduled Checkpoint
08-10-2020 17:21:35 Scheduled Checkpoint
18-10-2020 10:50:21 Scheduled Checkpoint
19-10-2020 18:20:20 AdwCleaner_BeforeCleaning_19/10/2020_18:20:20

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/19/2020 06:28:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/19/2020 06:20:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Prístup je odmietnutý.
.

Error: (10/19/2020 02:58:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/18/2020 10:47:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/18/2020 09:45:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/17/2020 12:24:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/16/2020 05:36:33 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/15/2020 07:32:47 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (10/19/2020 06:20:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\ISODisk.SYS

Error: (10/19/2020 06:20:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (10/19/2020 06:20:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (10/19/2020 06:20:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (10/19/2020 06:20:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server (MSSQLSERVER) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/19/2020 06:20:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server (SQLEXPRESS) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (10/19/2020 06:20:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SQL Server CEIP service (MSSQLSERVER) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (10/19/2020 06:20:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SQL Server CEIP service (SQLEXPRESS) sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
===================================
Date: 2020-10-10 18:02:38.227
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {D18FD7D2-6DAC-4BA3-BDBD-A30CDC832584}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-30 22:28:59.219
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {DA889D20-A639-475A-AB5C-335FBDB6E1FE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-15 14:56:01.410
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {24D19263-F799-4B36-9EBC-4BE5C32CEBC1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-02 20:47:55.773
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {882A88B0-33C6-40CE-91C6-E1632F411C94}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-22 08:35:37.500
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {FE7B7AA5-2CBD-4333-936B-49219F853517}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-04-30 19:03:30.700
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: Túto službu nie je možné spustit v núdzovom režime.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2015-09-10 20:06:23.538
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byt kompatibilný.
Signature version: 1.179.381.0;1.179.381.0
Engine version: 1.1.10802.0

CodeIntegrity:
===================================

Date: 2020-10-18 10:51:44.172
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-17 12:46:35.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-13 22:02:31.217
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-11 16:25:54.609
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-10 16:32:50.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-08 16:35:34.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-10-01 18:47:38.520
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-30 22:24:53.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LAB.210 08/25/2015
Motherboard: ASUSTeK COMPUTER INC. UX303LAB
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 12190.62 MB
Available physical RAM: 8763.07 MB
Total Virtual: 14046.62 MB
Available Virtual: 10214.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:95.39 GB) (Free:45.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:127.85 GB) (Free:93.58 GB) NTFS

\\?\Volume{b977aa05-4b82-4de1-ac1d-0e7ff201f181}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.73 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 90842B2C)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing
FirewallRules: [TCP Query User{0E11D40A-3883-46FC-B516-3808ED6D0063}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [UDP Query User{2D87C5AE-E4D0-4B36-8141-55AD2039E2A8}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [TCP Query User{214613AF-51F7-42A3-91B8-8F79BE9A3563}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [UDP Query User{5C7B146C-BDE2-4E1C-9898-3CC4F91C80E4}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [TCP Query User{F9257C3C-C199-47E8-A903-FEEEE6F0C48F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
FirewallRules: [UDP Query User{C6A12FF6-A375-48FE-9FE0-50A53AAF4ECC}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D54DF9DB-019F-4075-A408-0658B53598D0} - System32\Tasks\{C01FDCB7-76D8-42C6-BA18-7BC5F6149E70} => C:\Windows\system32\pcalua.exe -a "E:\Robo\_games\Duke_3d_atomic\duke nukem 3d atomic edition for windows.exe" -d E:\Robo\_games\Duke_3d_atomic
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by uzivatel (19-10-2020 21:06:45) Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel & SQLTELEMETRY$SQLEXPRESS & SQLTELEMETRY & MSSQLFDLauncher & MSSQLLaunchpad & MSSQL$SQLEXPRESS & MSSQLSERVER & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
URLSearchHook: [S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3477044410-376262199-2110164357-2030828471-4165405235] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543] ATTENTION => Default URLSearchHook is missing
URLSearchHook: [S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786] ATTENTION => Default URLSearchHook is missing
FirewallRules: [TCP Query User{0E11D40A-3883-46FC-B516-3808ED6D0063}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [UDP Query User{2D87C5AE-E4D0-4B36-8141-55AD2039E2A8}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe => No File
FirewallRules: [TCP Query User{214613AF-51F7-42A3-91B8-8F79BE9A3563}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [UDP Query User{5C7B146C-BDE2-4E1C-9898-3CC4F91C80E4}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe => No File
FirewallRules: [TCP Query User{F9257C3C-C199-47E8-A903-FEEEE6F0C48F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
FirewallRules: [UDP Query User{C6A12FF6-A375-48FE-9FE0-50A53AAF4ECC}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe => No File
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D54DF9DB-019F-4075-A408-0658B53598D0} - System32\Tasks\{C01FDCB7-76D8-42C6-BA18-7BC5F6149E70} => C:\Windows\system32\pcalua.exe -a "E:\Robo\_games\Duke_3d_atomic\duke nukem 3d atomic edition for windows.exe" -d E:\Robo\_games\Duke_3d_atomic
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]

EmptyTemp:
End
*****************

Processes closed successfully.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
Could not restore Default URLSearchHook.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E11D40A-3883-46FC-B516-3808ED6D0063}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D87C5AE-E4D0-4B36-8141-55AD2039E2A8}C:\program files (x86)\microsoft games\age of empires ii trial\empires2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{214613AF-51F7-42A3-91B8-8F79BE9A3563}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5C7B146C-BDE2-4E1C-9898-3CC4F91C80E4}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F9257C3C-C199-47E8-A903-FEEEE6F0C48F}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C6A12FF6-A375-48FE-9FE0-50A53AAF4ECC}C:\program files (x86)\microsoft games\age of empires ii\age2_x1.exe" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D54DF9DB-019F-4075-A408-0658B53598D0} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D54DF9DB-019F-4075-A408-0658B53598D0} => removed successfully
C:\Windows\System32\Tasks\{C01FDCB7-76D8-42C6-BA18-7BC5F6149E70} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C01FDCB7-76D8-42C6-BA18-7BC5F6149E70} => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13736431 B
Java, Flash, Steam htmlcache => 1172 B
Windows/system/drivers => 7464447 B
Edge => 0 B
Chrome => 0 B
Firefox => 33327856 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 136204 B
uzivatel => 1984597 B
Administrator => 1984597 B
SQLTELEMETRY$SQLEXPRESS => 1984597 B
SQLTELEMETRY => 1984597 B
MSSQLFDLauncher => 1984597 B
MSSQLLaunchpad => 1984597 B
MSSQL$SQLEXPRESS => 1984597 B
MSSQLSERVER => 1984597 B
MSSQLLaunchpad$SQLEXPRESS => 1984597 B
MSSQLFDLauncher$SQLEXPRESS => 1984597 B

RecycleBin => 13165179 B
EmptyTemp: => 91.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:06:50 ====

Smazáno, log by již měl být OK.

dakujem za vycistenie
(urcity problem s odosielanim e-mailov pretrvava)
chcel som Vam napisat sukromnu spravu, ale neda sa to

SZ jeou pro běžné uživateke zakázány, stalo se nám, že si uživatelé radili mezi sebou v rozopru s našimi zásadami a pak sváděli chyby na nás. anemáte zač! Maily posíláte z webu, nebo máte klienta?

su to pracovne emaily z webu (len prehliadac), ako keby sa z pocitaca siril zavadovy obsah (pridaval do e-mailov)
z telefonu alebo ineho pc je to ok
ine maily funguju
vcera bola spravena kontrola aj antivirom (plne funkcna verzia, vyliecil niekolko veci, ale bez zmeny)

OK. Spusťte tedy ještě tuto utilitu: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Stáhněte, uložte a spusťte, nechte pracovat a po skončení akce smažte vše, co najde.

nenaslo ziadne hrozby.
a mozno bude problem este inde.
kazdopadne vdaka za ochotu.

ak by som chcel poslat prispevok na forum postovym poukazom, koho mam uviest ako prijemcu (prevadzkovatel, adresa)?