Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
Uživatelský avatar
ALEXUSS
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 75
Registrován: 08 led 2009 09:31
Bydliště: Praha7
Kontaktovat uživatele:

Preventivka

#1 Příspěvek od ALEXUSS »

Po delší době zdravím a chtěl bych poprosit o kontrolu logu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2023
Ran by uživatel pc (administrator) on SUCHOŠ (ASUSTeK COMPUTER INC. GL753VE) (04-02-2023 23:20:38)
Running from C:\Users\uživatel pc\Desktop
Loaded Profiles: uživatel pc
Platform: Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxEM.exe
(explorer.exe ->) (ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy\AuraListen.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1603802913401.exe
(services.exe ->) () [File not signed] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_cb8516b2a1164875\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22112.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\Run: [MicrosoftEdgeAutoLaunch_72B650366FF18DF8306D6085C0B4FA76] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188576 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\MountPoints2: {74c58b48-7c07-11eb-81cb-6045cb2775ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\MountPoints2: {829a534b-2db5-11ec-81e3-6045cb2775ca} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\MountPoints2: {8749e045-a3fe-11ed-822e-c821588e7aa0} - "G:\Setup.exe"
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\Windows\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2021-03-03]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026A95B4-42F1-4093-832A-2B40ADB0CDF8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {05AD8C79-3E0B-4993-8844-535512CD8CDA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {12B00EA5-99D1-47B9-941A-2301D7F1AC20} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {154F84AB-63B9-4068-8226-EA7AB3A0DC38} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {26ED46A3-566B-4C5E-B288-98B7B9879AD2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [711072 2023-01-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {3152BCF6-8AE2-48E9-B2D4-8F5C398460EE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {38E0D96A-F8D3-4B4C-A04D-D13123715393} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {3BB25BF5-5379-4887-9F97-B86F2DE8D4FD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3C7127B2-7DBB-4FBB-85F8-E4E24055880A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {48FB1D86-2ABE-476B-9772-6A816EC284BB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {542E305A-215B-445F-BE31-65C586CE555A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (No File)
Task: {5A95A093-48E9-4E5B-BF86-735F919E8E09} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5E43721A-E07F-44CA-B429-422C6A5AACD6} - System32\Tasks\CCleanerSkipUAC - uživatel pc => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6225D82C-8F29-4749-B4DD-7EA8EF16D181} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63A3B5D5-D966-44F3-A445-AF08C5782AEF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2b74c29c-b501-4524-8ffc-1e6d9eced821" --version "6.08.10255" --silent
Task: {6FC2FD6A-6A96-4B47-A4F2-E395D01BB640} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {74B027DC-E3CA-421B-A291-170B749F5456} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B379FAB-ACB6-4AD1-B828-F90F4936E04A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {8D3BACCA-F936-4269-B595-89C867B5379B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91057CA0-0A47-41D2-A49E-B0812D7D43F0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {967E18BA-C609-49C0-9362-156D338C1536} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {96C78F30-3D69-4B75-B548-DD1C12C85153} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5867833-33FE-4588-B67B-9F8F40E2D5BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-08] (Google Inc -> Google Inc.)
Task: {B9DF20C7-E6DE-4626-9991-0FFA2351B0AC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [661408 2023-01-23] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BD068DCD-3607-44CD-9E68-C6AB77DAECFD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D8B7E761-F6DC-42A1-8A18-A5D093848900} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-10-08] (Google Inc -> Google Inc.)
Task: {E498AB39-5F68-4031-AC54-94805171CC30} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4702168 2017-09-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.168.208.20 217.168.208.21
Tcpip\..\Interfaces\{98a07365-d77e-4ef1-ac74-974ea9490e94}: [DhcpNameServer] 217.168.208.20 217.168.208.21
Tcpip\..\Interfaces\{d2a14414-af80-45a0-9b00-c293e50d88d9}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\uživatel pc\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\uživatel pc\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-04]
Edge DownloadDir: Default -> C:\Users\uživatel pc\Downloads

FireFox:
========
FF DefaultProfile: 1u9hsrar.default
FF ProfilePath: C:\Users\uživatel pc\AppData\Roaming\Mozilla\Firefox\Profiles\1u9hsrar.default [2021-08-14]
FF ProfilePath: C:\Users\uživatel pc\AppData\Roaming\Mozilla\Firefox\Profiles\561pyxn5.default-release [2023-02-03]
FF Plugin: @videolan.org/vlc,version=3.0.6 -> D:\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-01-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\uživatel pc\AppData\Local\Google\Chrome\User Data\Default [2023-02-04]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR Extension: (Dokumenty Google offline) - C:\Users\uživatel pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uživatel pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\uživatel pc\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-03]
CHR Profile: C:\Users\uživatel pc\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-03]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1603802913401.exe [2445312 2020-10-27] () [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.13\atkexComSvc.exe [415680 2018-12-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [126648 2016-06-16] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [2280448 2020-10-27] () [File not signed]
R3 ROGGamingCenterService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [31744 2017-09-11] (ASUSTeK COMPUTER INC.) [File not signed]
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_cb8516b2a1164875\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_cb8516b2a1164875\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-10-03] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [19392 2018-04-23] (ASUSTeK Computer Inc. -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 MpKsl907e5e36; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EC47485C-1CFE-456B-AC1C-5EADE22939F7}\MpKslDrv.sys [214280 2023-02-04] (Microsoft Windows -> Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338368 2017-12-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2020-10-27] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-04 23:20 - 2023-02-04 23:21 - 000023444 _____ C:\Users\uživatel pc\Desktop\FRST.txt
2023-02-04 23:20 - 2023-02-04 23:20 - 000000000 ____D C:\Users\uživatel pc\Desktop\FRST-OlderVersion
2023-02-04 23:19 - 2023-02-04 23:19 - 002376704 _____ (Farbar) C:\Users\uživatel pc\Downloads\FRST64.exe
2023-02-04 23:11 - 2023-02-04 23:11 - 000000000 ____D C:\AdwCleaner
2023-02-03 21:39 - 2023-02-03 21:46 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\Disc-Soft
2023-02-03 21:38 - 2023-02-03 21:46 - 000000000 ____D C:\ProgramData\Disc-Soft
2023-02-03 21:31 - 2023-02-03 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2023-02-03 21:31 - 2023-02-03 21:31 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2023-02-03 21:29 - 2023-02-03 21:29 - 014888691 _____ (Geeks3D ) C:\Users\uživatel pc\Downloads\FurMark_1.33.0.0_Setup.exe
2023-01-23 00:01 - 2023-01-23 21:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-22 18:22 - 2023-01-22 18:22 - 000000000 ____D C:\ProgramData\Piriform
2023-01-11 19:37 - 2023-01-11 19:37 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-04 23:20 - 2020-08-18 16:12 - 000000000 ____D C:\FRST
2023-02-04 23:20 - 2020-08-18 13:01 - 002376704 _____ (Farbar) C:\Users\uživatel pc\Desktop\FRST64.exe
2023-02-04 23:09 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-04 23:09 - 2018-12-17 20:54 - 000000000 ____D C:\Program Files\CCleaner
2023-02-04 23:06 - 2018-12-17 18:38 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\Battle.net
2023-02-04 23:05 - 2018-12-17 18:43 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2023-02-04 23:02 - 2018-12-17 18:37 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-02-04 23:00 - 2021-08-14 22:54 - 000000000 ____D C:\Users\uživatel pc\AppData\LocalLow\Mozilla
2023-02-04 22:57 - 2018-10-08 17:09 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-04 22:57 - 2018-10-08 16:38 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-04 22:57 - 2018-10-08 16:35 - 000000000 __SHD C:\Users\uživatel pc\IntelGraphicsProfiles
2023-02-03 22:41 - 2018-12-17 19:46 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\D3DSCache
2023-02-03 22:39 - 2019-11-26 19:00 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\Ubisoft Game Launcher
2023-02-03 21:54 - 2020-07-31 23:45 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-03 21:54 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-03 21:54 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-03 21:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-03 21:47 - 2020-07-31 23:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-03 21:47 - 2020-07-31 23:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-03 21:47 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-03 21:47 - 2018-12-19 18:54 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-02-03 21:10 - 2019-04-28 20:15 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\Discord
2023-02-03 21:09 - 2019-04-28 20:15 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\Discord
2023-02-03 21:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-03 19:49 - 2020-07-31 23:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-03 16:16 - 2022-02-12 20:19 - 000001431 _____ C:\Users\uživatel pc\Desktop\Roblox Player.lnk
2023-02-03 16:16 - 2022-02-12 20:19 - 000001254 _____ C:\Users\uživatel pc\Desktop\Roblox Studio.lnk
2023-02-03 16:16 - 2022-02-12 20:19 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-02-03 13:45 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-03 12:49 - 2020-08-26 17:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-03 12:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-01 18:55 - 2019-03-15 15:30 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\vlc
2023-01-29 13:12 - 2022-02-08 23:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-27 18:19 - 2022-08-24 12:54 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\ViberPC
2023-01-26 23:48 - 2018-10-08 17:09 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-26 19:55 - 2021-01-25 12:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-26 17:07 - 2022-10-13 18:01 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-26 17:07 - 2022-10-13 18:01 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-26 17:07 - 2022-08-25 10:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-25 19:37 - 2022-08-24 12:54 - 000000000 ____D C:\Users\uživatel pc\Documents\ViberDownloads
2023-01-23 22:29 - 2018-12-17 18:02 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\ElevatedDiagnostics
2023-01-23 21:30 - 2022-09-20 19:10 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-23 21:30 - 2021-08-14 22:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-23 00:13 - 2021-09-28 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-23 00:13 - 2021-08-14 22:54 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-22 18:22 - 2021-02-17 22:25 - 000000000 ____D C:\Users\uživatel pc\AppData\Roaming\TS3Client
2023-01-20 13:17 - 2020-08-18 16:12 - 000102866 ____H C:\Users\uživatel pc\AppData\Local\IconCache.db.backup
2023-01-18 14:55 - 2022-09-20 19:10 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-18 14:55 - 2020-07-31 23:48 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-13 19:12 - 2022-08-29 13:10 - 000000000 ____D C:\Users\uživatel pc\AppData\Local\Viber
2023-01-11 19:50 - 2020-07-31 23:42 - 000293960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-11 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-11 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-11 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-11 19:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-11 19:40 - 2020-07-31 23:44 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-11 19:34 - 2018-10-08 16:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-11 19:33 - 2018-10-08 16:37 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-09 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-01-09 16:22 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
ALEXUSS

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#2 Příspěvek od Rudy »

Zdravím!
Abych mohl provést kompletní kontrolu, potřebuji ještě vidět obsah souboru addition.txt. Měl by být na pološe. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
ALEXUSS
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 75
Registrován: 08 led 2009 09:31
Bydliště: Praha7
Kontaktovat uživatele:

Re: Preventivka

#3 Příspěvek od ALEXUSS »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2023
Ran by uživatel pc (04-02-2023 23:21:34)
Running from C:\Users\uživatel pc\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2486 (X64) (2020-07-31 22:49:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1591190220-3334559388-2249055275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1591190220-3334559388-2249055275-503 - Limited - Disabled)
Guest (S-1-5-21-1591190220-3334559388-2249055275-501 - Limited - Disabled)
uživatel pc (S-1-5-21-1591190220-3334559388-2249055275-1001 - Administrator - Enabled) => C:\Users\uživatel pc
WDAGUtilityAccount (S-1-5-21-1591190220-3334559388-2249055275-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20314 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{a287c686-e02e-4d5a-8e7b-4e1da1c906dd}) (Version: 2.2.7.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{36aa03d4-9606-4f04-bf3e-a70ebe6650f3}) (Version: 1.1.19 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{ae175b21-505d-4f2f-bc21-4a07415e8b7d}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{d24837ba-2990-457b-bb70-b72614e03845}) (Version: 1.1.12 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{6121958f-8f20-44ab-b168-5fb4c336866d}) (Version: 1.0.28 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{a29279dc-f417-4442-8225-4db77f7d35b5}) (Version: 1.0.7 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{ddf1d23c-e505-47e4-8108-60af9b29a845}) (Version: 0.0.1.6 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{84f71ba0-a021-48b9-ab12-4990572f697b}) (Version: 1.0.24 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{3e9b91eb-5bb0-4272-8670-f88d353eb68b}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{be8aef12-2bc5-4b18-90c4-75276c3eb3a1}) (Version: 1.0.21 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{a020e026-ac75-4f13-9b0b-bb4d8ccc1dc7}) (Version: 1.0.0.3 - ASUSTek COMPUTER INC.) Hidden
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.21 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{abb56118-25ed-4613-b3c7-c36bb1695c67}) (Version: 1.0.21 - ASUS) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{6f09b03f-dfb3-4bfc-be78-e7e5b00f2182}) (Version: 1.0.4 - CORSAIR COMPONENTS INC.) Hidden
Discord (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
Geeks3D FurMark 1.33.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.33.0.0 - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7325 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{c43fd2d2-c80f-48c7-95e2-1986bd0922e8}) (Version: 1.0.7 - KINGSTON COMPONENTS INC.) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 109.0.1518.78 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.70 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Might and Magic Heroes VII (HKLM-x32\...\Uplay Install 1176) (Version: - Ubisoft)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 109.0 (x64 cs)) (Version: 109.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0 - Mozilla)
NVIDIA FrameView SDK 1.2.7704.31296923 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7704.31296923 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.77 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
OpenVPN Connect (HKLM\...\{E4B78C05-60F9-4DC7-BEF9-FB42EEF51FD9}) (Version: 3.2.2 - OpenVPN Technologies)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.05 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{0ea44351-5397-43b0-a9c7-c4c53d9948ef}) (Version: 1.00.05 - Patriot Memory)
qBittorrent 4.4.0 (HKLM-x32\...\qBittorrent) (Version: 4.4.0 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
Roblox Player for uživatel pc (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for uživatel pc (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\roblox-studio) (Version: - Roblox Corporation)
ROG Gaming Center (HKLM\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 2.1.5 - ASUSTeK COMPUTER INC.)
Signal 5.57.0 (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.57.0 - Signal Messenger, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Twitch (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 124.3.10571 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{46126103-14F9-4964-BF04-8EBCC52F2C8B}) (Version: 18.2.0.1 - 2010-2022 Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\{fa411437-54ce-4d0c-9568-c5ed485078a4}) (Version: 18.2.0.1 - 2010-2022 Viber Media S.a.r.l)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\...\WhatsApp) (Version: 2.2218.8 - WhatsApp)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Forza Horizon 3 -> C:\Program Files\WindowsApps\Microsoft.OpusPG_1.0.125.2_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Studios)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
ROG Aura Core -> C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy [2018-12-17] (ASUSTeK COMPUTER INC.) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igfxDTCM.dll [2020-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_cb8516b2a1164875\nvshext.dll [2022-05-05] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-17 22:11 - 2018-12-17 22:11 - 000019456 _____ (TODO: <Company name>) [File not signed] C:\Program Files\WindowsApps\B9ECED6F.ROGAuraCore_2.1.30.0_x86__qmba6cd70vzyy\Hook.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2020-01-01 16:58 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1591190220-3334559388-2249055275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\uživatel pc\Downloads\4k-asus-rog-strix-logo-189.jpg
DNS Servers: 217.168.208.20 - 217.168.208.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9B598E00-9E03-41D1-B5F9-F1C847C0BEF2}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{51A025EE-E4CE-4ED5-8999-BEE5BB3C3FE0}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{0F5C88D4-3F8E-4354-9708-7BBB372953B9}] => (Allow) D:\Steam\steamapps\common\Frostpunk\Frostpunk.exe (11 bit studios S.A.) [File not signed]
FirewallRules: [{1912BA58-84E2-48B9-8359-5D00DA8DE5AC}] => (Allow) D:\Steam\steamapps\common\Frostpunk\Frostpunk.exe (11 bit studios S.A.) [File not signed]
FirewallRules: [{BAF474B3-FA7C-4C4E-B49C-7E33DF5AD8FB}] => (Allow) D:\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{D68E5A10-6F29-4702-B850-1CCA407E3FFB}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{A8408ADB-7C6E-480E-8969-C0C7750FA808}] => (Allow) D:\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{811A2DBA-6CF5-4AD4-9599-F66AA6054FC8}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{21058CC7-F489-470D-80E9-42C4278780C0}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{57F4FC4D-7E1A-46F6-BA27-52B3CD38A2D8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{33057C6A-D93F-4BC6-88A7-C0062D64D356}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5AA8A60B-25FD-47B7-B758-4AD68C5217B8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{485252D1-2306-413D-8E5F-3990F2BECA94}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [{AAF63F1B-6471-43DE-B404-53A6A5F7AB40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FFA17419-36EA-4D06-A165-4B388C5272BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{EEA683B7-640F-4344-955C-8A48CA34100C}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DACD4BFC-A749-4D89-8CCE-7D184EA2CA04}] => (Allow) D:\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{218674F9-9533-457B-BE66-70B64F2C6797}] => (Allow) C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGCAndroidService.exe (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
FirewallRules: [TCP Query User{E3A3C90F-167A-4DE4-9026-E6A73B8BD920}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{9565E01B-01E7-4FEB-9A71-733138E88FB5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [{3E8F4244-643F-478C-BB11-A500AE0A6BA4}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1D8D612A-0E9E-4A12-A32C-A23FFC398909}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{09A7FD5D-7883-4F32-9A3C-C6F5FBE9E61F}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5786F7D2-7AA4-4536-811C-4A4A675666B5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [{CF8C6DC9-FEC5-4837-82E3-E45D9E23E07F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{8F9A8BB9-DE3A-4984-8B24-53D8A4631307}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{9165E687-28DB-4862-B2BF-9C9261A3D654}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7C58536-0E4F-4CD9-BB99-E9E8A9EE4A1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5D7D5CAF-D168-41D7-BC10-8538F679CFC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{20F7C94B-7ECB-4023-AFF9-3A650F250CB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{243887EA-1E3C-4C78-97F5-DC1F0AFC64AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1FB1D659-E082-4435-88BD-3AB2975A7C97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BAF56644-99D4-450B-8ED4-2B19B2DB5C21}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{43193DC8-3492-4119-91FC-10A12AC11358}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{D3687620-DFB4-4379-ACAE-9E98EEB548FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3B720529-A72A-4346-BD94-32CEC19517C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{07416FD3-F266-4898-998C-2B84E065F528}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{58C10C6F-B719-4491-882C-1AF87268B586}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E31C44A8-EAC5-4821-9F19-F39192CCAAE5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{453DCA5B-5DE9-49E4-826F-C10E9F10B0C4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

11-01-2023 19:37:30 Instalační služba modulů systému Windows
03-02-2023 12:46:26 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/04/2023 11:12:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program AdwCleaner.exe verze 8.0.7.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1dc4

Čas spuštění: 01d938e5b1b44775

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\uživatel pc\Desktop\AdwCleaner.exe

ID hlášení: 6a5fc14c-8820-43dc-8e9e-48dddf959af3

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (01/29/2023 01:18:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/22/2023 06:23:42 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (01/22/2023 06:23:42 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (01/22/2023 03:25:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/22/2023 01:01:33 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942593.

Error: (01/22/2023 01:01:33 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 193.

Error: (01/16/2023 12:20:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.19041.1865, časové razítko: 0x61fdcc50
Název chybujícího modulu: ICEsoundAPO64.dll, verze: 1.0.0.39, časové razítko: 0x5bd6e5e4
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003cda7
ID chybujícího procesu: 0x1ae0
Čas spuštění chybující aplikace: 0x01d929085c1c50b4
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\ICEsoundAPO64.dll
ID zprávy: 3560670d-02a0-4c00-a1b4-e17e48c7a079
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/03/2023 10:28:46 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/03/2023 10:26:46 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/03/2023 09:53:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/03/2023 09:53:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (02/03/2023 09:24:57 PM) (Source: DCOM) (EventID: 10000) (User: SUCHOŠ)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (02/03/2023 09:00:26 PM) (Source: DCOM) (EventID: 10005) (User: SUCHOŠ)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_538ccf7 s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (02/03/2023 09:00:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_538ccf7 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/03/2023 09:00:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_538ccf7 bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2023-02-03 21:44:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_D:\Age of Empires II HD - Complete\EoE-HD\steam_api.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: SUCHOŠ\uživatel pc
Název procesu: D:\Age of Empires II HD - Complete\EoE-HD\AoK HD.exe
Verze bezpečnostních informací: AV: 1.381.3081.0, AS: 1.381.3081.0, NIS: 1.381.3081.0
Verze modulu: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-02-03 21:30:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F2792175-D5D2-4259-A90D-60DEAEFE4D1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: SUCHOŠ\uživatel pc

Date: 2023-02-03 13:10:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {29CE1321-C263-413E-B877-2AFA809764B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-01 17:32:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B1E3C8B5-B3C1-4430-997B-27BEA0D0E2D1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-01-31 17:25:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5B6242C-4FE6-48F2-BE71-4E6EC0492793}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-02-04 15:47:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceba516baea4bed9\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. GL753VE.308 04/29/2019
Motherboard: ASUSTeK COMPUTER INC. GL753VE
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 14%
Total physical RAM: 32652.82 MB
Available physical RAM: 27846.1 MB
Total Virtual: 37516.82 MB
Available Virtual: 31760.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:153.95 GB) (Model: Micron_1100_MTFDDAV256TBN) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:109.99 GB) (Model: HGST HTS721010A9E630) NTFS

\\?\Volume{262e8d1a-121f-49e9-92af-23fff9a3bda5}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{8a3c370a-4692-46e2-b23f-a12e2d5b54f9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 5DE8EAA4)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 899AFF08)

Partition: GPT.

==================== End of Addition.txt =======================
ALEXUSS

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#4 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{57F4FC4D-7E1A-46F6-BA27-52B3CD38A2D8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{33057C6A-D93F-4BC6-88A7-C0062D64D356}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5AA8A60B-25FD-47B7-B758-4AD68C5217B8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{485252D1-2306-413D-8E5F-3990F2BECA94}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{E3A3C90F-167A-4DE4-9026-E6A73B8BD920}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{9565E01B-01E7-4FEB-9A71-733138E88FB5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{09A7FD5D-7883-4F32-9A3C-C6F5FBE9E61F}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5786F7D2-7AA4-4536-811C-4A4A675666B5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
D:\Age of Empires II HD - Complete\EoE-HD\steam_api.dll
Task: {542E305A-215B-445F-BE31-65C586CE555A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
ALEXUSS
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 75
Registrován: 08 led 2009 09:31
Bydliště: Praha7
Kontaktovat uživatele:

Re: Preventivka

#5 Příspěvek od ALEXUSS »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-02-2023
Ran by uživatel pc (05-02-2023 16:46:48) Run:2
Running from C:\Users\uživatel pc\Desktop
Loaded Profiles: uživatel pc
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{57F4FC4D-7E1A-46F6-BA27-52B3CD38A2D8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{33057C6A-D93F-4BC6-88A7-C0062D64D356}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5AA8A60B-25FD-47B7-B758-4AD68C5217B8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{485252D1-2306-413D-8E5F-3990F2BECA94}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{E3A3C90F-167A-4DE4-9026-E6A73B8BD920}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{9565E01B-01E7-4FEB-9A71-733138E88FB5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [TCP Query User{09A7FD5D-7883-4F32-9A3C-C6F5FBE9E61F}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
FirewallRules: [UDP Query User{5786F7D2-7AA4-4536-811C-4A4A675666B5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe => No File
D:\Age of Empires II HD - Complete\EoE-HD\steam_api.dll
Task: {542E305A-215B-445F-BE31-65C586CE555A} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{57F4FC4D-7E1A-46F6-BA27-52B3CD38A2D8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33057C6A-D93F-4BC6-88A7-C0062D64D356}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5AA8A60B-25FD-47B7-B758-4AD68C5217B8}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{485252D1-2306-413D-8E5F-3990F2BECA94}C:\program files (x86)\world of warcraft\_classic_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E3A3C90F-167A-4DE4-9026-E6A73B8BD920}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9565E01B-01E7-4FEB-9A71-733138E88FB5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{09A7FD5D-7883-4F32-9A3C-C6F5FBE9E61F}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5786F7D2-7AA4-4536-811C-4A4A675666B5}C:\program files (x86)\world of warcraft\_retail_\utils\wowvoiceproxy.exe" => removed successfully
"D:\Age of Empires II HD - Complete\EoE-HD\steam_api.dll" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{542E305A-215B-445F-BE31-65C586CE555A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{542E305A-215B-445F-BE31-65C586CE555A}" => removed successfully
C:\WINDOWS\System32\Tasks\Update Checker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 107342514 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 996620977 B
Windows/system/drivers => 7596843 B
Edge => 54875 B
Chrome => 442329978 B
Firefox => 19161897 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 8741484 B
uživatel pc => 604609141 B

RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:47:17 ====
ALEXUSS

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#6 Příspěvek od Rudy »

Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Uživatelský avatar
ALEXUSS
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 75
Registrován: 08 led 2009 09:31
Bydliště: Praha7
Kontaktovat uživatele:

Re: Preventivka

#7 Příspěvek od ALEXUSS »

Super, díky moc za rychlost a ochotu.
ALEXUSS

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#8 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno