Stránka 1 z 1

Kontrola logu

Napsal: 18 črc 2019 21:56
od danek
Dobrý den,

prosím o kontrolu logu, ve firefoxu se mi objevily nějaké neznámé ikonky, počítač se nějak dlouho spouští a př spuštění Exploreru se objevila modrá smrt. Zkoušel jsem ADW a smazalo to nějaké soubory. Děkuji.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-07-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-18-2019
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Daniel\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Seznam.cz

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1245 octets] - [22/09/2018 22:09:41]
AdwCleaner[S01].txt - [1306 octets] - [22/09/2018 22:10:46]
AdwCleaner[S02].txt - [1379 octets] - [03/11/2018 18:04:57]
AdwCleaner[C02].txt - [1565 octets] - [03/11/2018 18:05:50]
AdwCleaner[S03].txt - [1501 octets] - [03/11/2018 18:10:49]
AdwCleaner[S04].txt - [1693 octets] - [18/07/2019 22:50:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Re: Kontrola logu

Napsal: 18 črc 2019 23:53
od Conder
Ahoj :)

:arrow: Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Kontrola logu

Napsal: 19 črc 2019 22:48
od danek
Ahoj,

přikládám log.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Daniel (administrator) on BOROVICE (LENOVO 11435WG) (19-07-2019 23:25:11)
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel & Hanička)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(UPEK Inc. -> UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2731304 2011-03-24] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel Corporation - Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] (Conexant Systems, Inc. -> )
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-01-27] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [269192 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-31] (Ricoh co.,Ltd.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-05] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35242384 2019-03-02] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {c531a2c8-9846-11e9-a049-f0def1792787} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {e46f0976-fbb3-11e8-a904-f0def1792787} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2010-12-08] (UPEK Inc. -> UPEK Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2010-12-19] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2010-12-08] (UPEK Inc. -> UPEK Inc.)
IFEO\adwcleaner_7.0.8.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.3.1.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.4.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\iwrap.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\jrt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pcdlauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-03-18]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-08-03]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2017-12-16]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {272071AA-AEEE-4DF5-B49B-522DB50CF8CE} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [33872 2010-12-10] (PC-Doctor, Inc. -> )
Task: {36D7CCDA-0ED9-4849-A8C9-602221783403} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3940232 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {3EF827F0-EEA8-450B-93B3-0299FD0662F9} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1392008 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {5F8E7189-8B63-43D8-89C8-7A8AF3061C12} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [49976 2009-05-28] (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
Task: {6C1B9C16-CB6C-48D0-9D90-16B881BDB3E6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C14EFA0-AD4D-4EF9-B39F-B96B52489906} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1438384 2018-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {805F2633-1A50-4B43-B47A-966A374315A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965992 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {8937E27E-C6D8-431B-9343-8CE51381134E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [525672 2011-02-03] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
Task: {8A37BB7D-7114-409A-8439-B1862648E26F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {964CFD15-ADC2-48AC-B1EF-968551E7169A} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {A0A76F16-1610-4B3F-A3A6-5AA2253F1261} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1438384 2018-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C80033B6-4884-42B2-B66D-343DFA7F6263} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\pcdrcui.exe [973904 2010-12-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {CB4073A5-4DA3-4091-ABAD-350A6470E49D} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {D912A71A-817E-4439-A2E2-F0311A3E6628} - System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910} => C:\Windows\system32\pcalua.exe -a C:\Users\Daniel\Desktop\vlc-media-player-seznam-listicka.exe -d C:\Users\Daniel\Desktop
Task: {DF04C6B5-4092-4912-8BC6-8AB16B8E79E4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23965992 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB7ED2C0-60AC-4D50-9DEE-890232A00826} - System32\Tasks\SafeZone scheduled Autoupdate 1493760176 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {ED654CBC-D0C1-4B42-AEFF-D3AC82F69434} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {F157D031-D65A-46C1-9121-1D2397185697} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\pcdrcui.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{5445CF24-F277-4FDC-BA18-97BA66C8214A}: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9373A2C9-50E9-4FDE-B418-9B7C50FDAC6C}: [NameServer] 100.120.242.1

Internet Explorer:
==================
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com/
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> DefaultScope {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9E644027-4B5A-4AAF-8BCF-7F27BBD65FFA} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-960529557-3528276582-3652460945-1001 -> DefaultScope {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-960529557-3528276582-3652460945-1001 -> {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0uaxdm9h.default-1558279079982
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0uaxdm9h.default-1558279079982 [2019-07-19]
FF Extension: (Facebook Container) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0uaxdm9h.default-1558279079982\Extensions\@contain-facebook.xpi [2019-07-18]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0uaxdm9h.default-1558279079982\Extensions\firefox@ghostery.com.xpi [2019-06-25]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0uaxdm9h.default-1558279079982\Extensions\sp@avast.com.xpi [2019-06-28]
FF Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\0uaxdm9h.default-1558279079982\Extensions\wrc@avast.com.xpi [2019-06-28]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2019-02-24]
CHR Extension: (Prezentace) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-16]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-21]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-16]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-16]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203776 2011-02-05] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6797008 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [414976 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [423288 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10285680 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9662752 2018-11-03] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] (Intel Corporation - Mobile Wireless Group -> )
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7343496 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S4 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2010-11-25] (Lenovo Group Limited) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8283136 2011-02-05] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [295424 2011-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209256 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263224 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206056 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61688 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42504 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169112 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2019-06-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [549416 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112520 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88160 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030992 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477288 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225816 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-05-06] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387392 2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-11-03] (Malwarebytes Corporation -> Malwarebytes)
S3 PCDSRVC{127174DC-C366ED8B-06020101}_0; c:\program files\pc-doctor\pcdsrvc_x64.pkms [25072 2010-12-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc64.sys [98816 2010-12-15] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc. -> UPEK Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 wdkmd; C:\Windows\System32\DRIVERS\WDKMD.sys [42392 2011-04-09] (Wireless Display -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-19 23:25 - 2019-07-19 23:31 - 000028953 _____ C:\Users\Daniel\Desktop\FRST.txt
2019-07-19 23:24 - 2019-07-19 23:25 - 000000000 ____D C:\FRST
2019-07-19 23:23 - 2019-07-19 23:23 - 002095104 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2019-07-18 22:58 - 2019-07-18 22:58 - 000001821 _____ C:\Users\Daniel\Desktop\ADW 18.7.2019.txt
2019-07-18 22:49 - 2019-07-18 22:49 - 007025360 _____ (Malwarebytes) C:\Users\Daniel\Desktop\adwcleaner_7.3.exe
2019-07-18 22:36 - 2019-07-18 22:36 - 000262144 _____ C:\Windows\Minidump\071819-38079-01.dmp
2019-07-18 22:16 - 2019-07-18 22:16 - 000047485 _____ C:\Users\Daniel\Downloads\1078943630207_7_1132_20190709.pdf
2019-07-18 14:54 - 2019-07-18 21:37 - 000000000 ____D C:\Users\Daniel\Desktop\WhatsApp Images
2019-07-18 13:54 - 2019-07-18 13:56 - 000022862 _____ C:\Users\Daniel\Desktop\Sešit3.xlsx
2019-07-18 12:28 - 2019-07-18 22:33 - 000017622 _____ C:\Users\Daniel\Desktop\Baskicko.xlsx
2019-07-04 19:52 - 2019-07-04 19:53 - 000436632 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-03 22:53 - 2019-07-03 22:53 - 000184935 _____ C:\Users\Daniel\Downloads\Vypis z uctu 1007671012 za 06-2019.pdf
2019-07-03 22:51 - 2019-07-03 22:51 - 000184932 _____ C:\Users\Daniel\Downloads\Vypis z uctu 1072913022 za 06-2019.pdf
2019-07-03 22:50 - 2019-07-03 22:50 - 000187304 _____ C:\Users\Daniel\Downloads\Vypis z uctu 1072913014 za 06-2019.pdf
2019-06-25 23:07 - 2019-06-25 23:07 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-06-25 23:07 - 2019-06-25 23:07 - 000225816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-25 23:07 - 2019-06-25 23:07 - 000169112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-25 22:52 - 2019-06-25 22:52 - 000273185 _____ C:\Users\Daniel\Downloads\Žádost
2019-06-22 23:56 - 2019-06-23 00:04 - 1247066554 _____ C:\Users\Daniel\Downloads\Trhlina 2019 SK film DVDRip AC3 5.1.mkv
2019-06-22 18:05 - 2019-06-22 18:05 - 000035949 _____ C:\Users\Daniel\Downloads\512153471777_5_1142_20190509.pdf
2019-06-22 18:05 - 2019-06-22 18:05 - 000035599 _____ C:\Users\Daniel\Downloads\512153471777_4_1142_20190409.pdf
2019-06-22 18:05 - 2019-06-22 18:05 - 000035407 _____ C:\Users\Daniel\Downloads\512153471777_6_1142_20190607.pdf
2019-06-22 18:04 - 2019-06-22 18:04 - 000048578 _____ C:\Users\Daniel\Downloads\1078943630207_6_1132_20190607.pdf
2019-06-22 18:04 - 2019-06-22 18:04 - 000044409 _____ C:\Users\Daniel\Downloads\1078943630207_5_1132_20190509.pdf
2019-06-22 18:03 - 2019-06-22 18:04 - 000048359 _____ C:\Users\Daniel\Downloads\1078943630207_4_1132_20190409.pdf
2019-06-20 22:43 - 2019-06-20 23:17 - 2306681243 _____ C:\Users\Daniel\Downloads\Gentleman s revolverom (2018) CZ TITULKY(1).mkv
2019-06-20 22:41 - 2019-06-20 23:03 - 1055096028 _____ C:\Users\Daniel\Downloads\Cizinec ve vlaku CZ.avi
2019-06-20 22:38 - 2019-06-20 22:53 - 732370722 _____ C:\Users\Daniel\Downloads\Pianista _ Le Pianiste _ Der Pianist _ The Pianist 2002, CZ.avi
2019-06-20 22:27 - 2019-06-20 22:34 - 841390080 _____ C:\Users\Daniel\Downloads\V KŮŽI JOHNA MALKOVICHE-cz.avi
2019-06-20 21:42 - 2019-06-20 22:01 - 894186496 _____ C:\Users\Daniel\Downloads\Hořící Mississippi.cz.avi
2019-06-20 21:19 - 2019-06-20 22:12 - 1806729216 _____ C:\Users\Daniel\Downloads\Odnikud 2017 CZ dabing Drama Krimi.avi
2019-06-20 21:07 - 2019-06-20 21:38 - 732247396 _____ C:\Users\Daniel\Downloads\Válka Roseových CZ.avi
2019-06-20 21:07 - 2019-06-20 21:29 - 734925080 _____ C:\Users\Daniel\Downloads\Vykoupeni-z-veznice-shawshank-cz-dabing.avi
2019-06-20 21:06 - 2019-06-20 21:30 - 718219264 _____ C:\Users\Daniel\Downloads\Trosecnik CZ.avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-19 23:28 - 2009-07-14 06:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-19 23:28 - 2009-07-14 06:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-19 23:24 - 2011-08-03 03:29 - 000000382 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2019-07-19 23:19 - 2017-06-03 11:55 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-19 23:18 - 2018-07-21 13:31 - 000000000 ____D C:\Users\Daniel\AppData\Local\AVAST Software
2019-07-19 23:18 - 2017-05-02 23:13 - 000000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla
2019-07-19 23:15 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-19 23:14 - 2018-09-25 20:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-19 23:14 - 2017-05-02 23:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 23:15 - 2017-05-04 02:30 - 001585334 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-18 23:15 - 2011-08-03 02:53 - 000681402 _____ C:\Windows\system32\perfh005.dat
2019-07-18 23:15 - 2011-08-03 02:53 - 000145816 _____ C:\Windows\system32\perfc005.dat
2019-07-18 23:14 - 2009-07-14 07:13 - 001585334 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-18 23:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-18 23:10 - 2017-05-03 23:48 - 000000000 ____D C:\Windows\system32\MRT
2019-07-18 23:05 - 2017-05-03 23:47 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-18 22:36 - 2017-05-09 21:58 - 000000000 ____D C:\Windows\Minidump
2019-07-18 21:22 - 2019-05-25 00:12 - 000004188 _____ C:\Windows\System32\Tasks\Avast SecureLine VPN Update
2019-07-18 14:28 - 2017-05-06 15:33 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2019-07-18 10:51 - 2017-08-10 21:43 - 000003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-960529557-3528276582-3652460945-1001
2019-07-18 10:51 - 2017-05-05 19:47 - 000002169 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-18 10:51 - 2017-05-05 19:47 - 000000000 ___RD C:\Users\Daniel\OneDrive
2019-07-04 23:14 - 2019-01-16 22:09 - 000000000 ____D C:\Users\Daniel\Desktop\CV
2019-07-04 00:13 - 2017-05-06 15:26 - 000003170 _____ C:\Windows\System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910}
2019-07-04 00:13 - 2017-05-06 00:05 - 000003892 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1493760176
2019-07-04 00:09 - 2017-05-06 00:02 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-06-25 23:07 - 2019-06-09 12:29 - 000549416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2019-06-25 23:07 - 2019-01-29 21:31 - 000263224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-06-25 23:07 - 2019-01-29 21:26 - 000206056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-06-25 23:07 - 2019-01-29 21:26 - 000061688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-06-25 23:07 - 2018-10-23 21:12 - 000042504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-06-25 23:07 - 2017-12-06 00:21 - 000209256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-06-25 23:07 - 2017-05-06 00:02 - 001030992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-06-25 23:07 - 2017-05-06 00:02 - 000477288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-06-25 23:07 - 2017-05-06 00:02 - 000387392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-06-25 23:07 - 2017-05-06 00:02 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-06-25 23:07 - 2017-05-06 00:02 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-06-25 22:36 - 2017-05-02 22:46 - 000000000 ____D C:\Users\Daniel
2019-06-24 23:25 - 2019-06-09 12:30 - 000001974 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2019-06-24 23:22 - 2009-07-14 07:08 - 000032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-06-24 23:21 - 2017-07-02 14:53 - 000000000 ____D C:\Users\Hanička
2019-06-24 23:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-18 11:37
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Daniel (19-07-2019 23:33:19)
Running from C:\Users\Daniel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-05-02 20:46:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-960529557-3528276582-3652460945-500 - Administrator - Disabled)
Daniel (S-1-5-21-960529557-3528276582-3652460945-1001 - Administrator - Enabled) => C:\Users\Daniel
Guest (S-1-5-21-960529557-3528276582-3652460945-501 - Limited - Disabled)
Hanička (S-1-5-21-960529557-3528276582-3652460945-1003 - Limited - Enabled) => C:\Users\Hanička
HomeGroupUser$ (S-1-5-21-960529557-3528276582-3652460945-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{0D5D01B4-3A34-7E3D-247F-9EFFAC177739}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.811.1.5-110204a-118071C-Lenovo - ATI Technologies, Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7611 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
ccc-core-static (HKLM-x32\...\{4013505A-6D76-56D4-661D-2E7DC88B9667}) (Version: 2011.0204.1429.25921 - ATI) Hidden
Conexant 20671 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.14.51 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.828 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Nápověda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050A J611 series Nápověda (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Display (HKLM-x32\...\{025055FC-779B-42F3-95A5-F6926B2964EF}) (Version: 2.0.31.0 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5717.35 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 68.0 (x64 cs) (HKLM\...\Mozilla Firefox 68.0 (x64 cs)) (Version: 68.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.23.00 - )
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PowerXpressHybrid (HKLM-x32\...\{C5EB9B5A-2964-D5A3-869A-520448200FC3}) (Version: 1.00.0000 - ATI) Hidden
PX Profile Update (HKLM-x32\...\{F691F42B-5B66-656F-8161-EE8A00DE6CCD}) (Version: 1.00.1. - AMD) Hidden
RapidBoot (HKLM-x32\...\{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) Hidden
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.35.1206.2010 - Realtek)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH Media Driver v2.10.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.10.18.02 - RICOH)
SafeZone Stable 3.55.2393.596 (HKLM-x32\...\SafeZone 3.55.2393.596) (Version: 3.55.2393.596 - Avast Software) Hidden
SafeZone Stable 3.55.2393.596 (HKLM-x32\...\SafeZone 3.55.2393.5961) (Version: 3.55.2393.596 - Avast Software) Hidden
SafeZone Stable 3.55.2393.607 (HKLM-x32\...\SafeZone 3.55.2393.607) (Version: 3.55.2393.607 - Avast Software) Hidden
SafeZone Stable 3.55.2393.607 (HKLM-x32\...\SafeZone 3.55.2393.6071) (Version: 3.55.2393.607 - Avast Software) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0039 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.61.00.11 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.44 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.19.0 - )
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.74 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.00 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.03 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Driver Package - Intel (iaStor) hdc (11/06/2010 10.1.0.1008) (HKLM\...\73C6BE3E3B6FC5418F2B47E6C75F6C8F9552DC12) (Version: 11/06/2010 10.1.0.1008 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Realtek (RTL8167) Net (12/06/2010 7.035.1206.2010) (HKLM\...\22AF3CC91FBC5231DD5CB8903F03E2AF3E97ADDF) (Version: 12/06/2010 7.035.1206.2010 - Realtek)
Windows Driver Package - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3050 J610 series (HKLM\...\{A74FCB98-0C9F-4D35-8F81-79BD5AA6A88F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Základní software zařízení HP Deskjet 3050A J611 series (HKLM\...\{E520AF6F-F5E5-4307-B970-84E3B9B6A2B0}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-960529557-3528276582-3652460945-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6998.0830_1\amd64\FileCoAuthLib64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-02-05] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-06-25] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2009-01-20 23:51 - 2009-01-20 23:51 - 000007168 _____ ( ) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-03-14 23:21 - 2011-03-14 23:21 - 000016384 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-02-05 00:28 - 2011-02-05 00:28 - 000243712 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2018-03-18 16:39 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2011-08-03 03:26 - 2011-02-03 20:44 - 000041984 _____ () [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2010-12-17 22:53 - 2010-12-17 22:53 - 001501696 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000040448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-02-05 00:28 - 2011-02-05 00:28 - 000035840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-02-05 00:27 - 2011-02-05 00:27 - 000096768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000035840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-02-05 00:27 - 2011-02-05 00:27 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.shared.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000126976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000966656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-02-05 00:28 - 2011-02-05 00:28 - 002844672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-02-05 00:28 - 2011-02-05 00:28 - 000254976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Runtime.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-02-05 00:27 - 2011-02-05 00:27 - 000058368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 001123840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 001003520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Eeu.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000253952 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000020992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2010-08-24 02:11 - 2010-08-24 02:11 - 000299008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
2011-02-05 00:23 - 2011-02-05 00:23 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000094720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2010-10-08 20:50 - 2010-10-08 20:50 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000065024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-02-05 00:28 - 2011-02-05 00:28 - 000263680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000044544 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Runtime.dll
2011-02-05 00:25 - 2011-02-05 00:25 - 000025088 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Shared.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000037888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000356352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2009-04-22 22:13 - 2009-04-22 22:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0702.dll
2009-06-17 15:27 - 2009-06-17 15:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2007-10-30 00:56 - 2007-10-30 00:56 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0710.dll
2009-06-17 20:24 - 2009-06-17 20:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-04 02:29 - 2008-04-04 02:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-01-21 00:36 - 2009-01-21 00:36 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0901.dll
2009-06-17 20:24 - 2009-06-17 20:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2010-10-07 23:07 - 2010-10-07 23:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-06 00:18 - 2010-11-06 00:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000106496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.cs_Localization.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000151552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-02-05 00:26 - 2011-02-05 00:26 - 000735744 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2011-02-05 00:24 - 2011-02-05 00:24 - 000286720 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-02-05 00:23 - 2011-02-05 00:23 - 000159744 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2010-09-29 01:33 - 2010-09-29 01:33 - 000299008 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
2010-03-04 10:27 - 2010-03-04 10:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 22:13 - 2009-04-22 22:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2010-12-17 23:07 - 2010-12-17 23:07 - 000333824 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\P2PSupplicant.dll
2010-12-17 23:27 - 2010-12-17 23:27 - 001070080 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2010-12-17 23:28 - 2010-12-17 23:28 - 001044992 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2010-12-17 23:28 - 2010-12-17 23:28 - 000831488 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2010-12-17 23:28 - 2010-12-17 23:28 - 000336896 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2010-12-17 23:38 - 2010-12-17 23:38 - 001812992 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2011-01-17 07:46 - 2010-10-19 11:06 - 000148992 _____ (Lenovo Group Limited) [File not signed] C:\Program Files\LENOVO\HOTKEY\lcdbl.dll
2017-05-03 22:55 - 2017-05-03 22:55 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2019-03-19 00:16 - 2018-09-05 22:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-02-16 22:29 - 000000861 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ThinkPad\Bluetooth Software\;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files\Broadcom\WHL\;C:\Program Files\Broadcom\WHL\syswow64;C:\Program Files\Broadcom\WHL\SysWow64\;C:\Program Files\Broadcom\WHL\SysWow64\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\Lenovo;C:\Program Files (x86)\Windows Live\Shared;C:\SWTOOLS\ReadyApps;C:\Program Files (x86)\Intel\Services\IPT\
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 79.98.72.27 - 79.98.72.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D6564FDE-E481-4D37-99B2-9022C481AB76}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation - Mobile Wireless Group -> )
FirewallRules: [{0B1081D9-2566-4F36-AEB6-2B2FE7EE2875}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F633DE2-9BD7-43A3-9D8E-31DCFD767C83}] => (Allow) LPort=2869
FirewallRules: [{27BE71AD-E74C-44F5-9E1E-9D4626A1347B}] => (Allow) LPort=1900
FirewallRules: [{C03F6FB9-5FFB-445D-BD0A-9AB4B8A9CBDF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4FFD33E4-92AD-49C0-A541-12311C6FFADC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEB12DBC-0B99-45E9-9C0B-7FF22308149C}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe (Intel Corporation -> Intel Corporation)
FirewallRules: [{940E1AAF-8418-451F-B643-5105A4ABF066}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DCE0554D-54CA-484D-AE85-9EF304E28A36}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9F6E9739-2F5E-4F91-ACD4-95DA72A7581C}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{171FA2F7-8EE0-43B5-A167-D862745DD024}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe No File
FirewallRules: [{90BC9D4F-4DF1-4187-9930-FD51433C61DF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E2E91C4C-DF82-4CAC-8DC5-2147DA645BD4}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C73432E1-A746-4906-90C5-0C49F06F5BE1}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{ADF0C66C-F44C-4B6C-9B95-A69FF4CF20D1}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_1\SZBrowser.exe No File
FirewallRules: [{DF28E645-0C02-4977-9FD3-25852C18DA10}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_4\SZBrowser.exe No File
FirewallRules: [{B67C4348-77F7-491F-BE43-96CE9E9954F7}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_1\SZBrowser.exe No File
FirewallRules: [{36884726-A925-48F0-85E2-5B3C0CBB2BA0}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe No File
FirewallRules: [{C2BF739F-E0C8-436E-8A06-BAD29D480E26}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe No File
FirewallRules: [{CA8F3D43-63A5-4F8D-A342-8CCDA4E680F2}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_1\SZBrowser.exe No File
FirewallRules: [{C42F8961-4B53-43EF-90EC-448879B64332}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe No File
FirewallRules: [{16696FC0-2363-4A03-8684-33BDDB4D5754}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7F28047A-6619-4E21-8477-3E7C76F2451A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{54709A8B-1A02-4729-B104-177F54BD2612}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [{70357153-6D28-49A4-BDF7-A67F80DAC959}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{248C87F8-A75A-4D27-895F-F2702FA4CF6C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B7C99477-9C6C-43B9-B30D-1252CC39AFD8}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{9395F6E2-B8B0-4AE3-96A1-122847559F76}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3699C5FF-ECA9-454D-9F29-4574356943A3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{CCF609A7-FDAA-4A17-AE4A-0C33F95659D2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{8E0B3B8E-F761-4DD5-AACA-B1BD3DD2B739}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [UDP Query User{68EE0A13-0897-49F7-B2F2-71A932CF0FCE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe No File
FirewallRules: [{95E227E6-774E-4380-8782-0943537F6952}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{65502A7C-39A3-4048-A4A5-647F9DB26C55}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

24-06-2019 23:17:04 Operace obnovení
03-07-2019 21:41:50 Windows Zálohování
18-07-2019 10:44:02 Windows Zálohování
18-07-2019 23:04:42 Windows Update

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2019 11:15:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 11:04:21 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/18/2019 10:51:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 10:37:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/18/2019 10:58:38 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/18/2019 10:23:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/04/2019 11:24:13 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (07/04/2019 07:55:56 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/18/2019 10:55:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (07/18/2019 10:55:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (07/18/2019 10:50:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/18/2019 10:50:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/18/2019 10:50:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/18/2019 10:50:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (07/18/2019 10:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Hotkey Client Loader byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/18/2019 10:50:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


==================== Memory info ===========================

BIOS: LENOVO LENOVO - 126 08/07/2013
Motherboard: LENOVO 11435WG
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 89%
Total physical RAM: 4007.23 MB
Available physical RAM: 425.89 MB
Total Virtual: 8012.61 MB
Available Virtual: 3026.69 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:452.87 GB) (Free:55.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:11.72 GB) (Free:1.71 GB) NTFS

\\?\Volume{c166b944-bd6b-11e0-bac8-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F46580DE)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Kontrola logu

Napsal: 19 črc 2019 22:58
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    Zip: C:\Windows\Minidump
    
    HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {c531a2c8-9846-11e9-a049-f0def1792787} - E:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {e46f0976-fbb3-11e8-a904-f0def1792787} - E:\HiSuiteDownLoader.exe
    IFEO\adwcleaner_7.0.8.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\adwcleaner_7.2.3.1.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\adwcleaner_7.2.4.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\iwrap.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\jrt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\pcdlauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
    Task: {D912A71A-817E-4439-A2E2-F0311A3E6628} - System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910} => C:\Windows\system32\pcalua.exe -a C:\Users\Daniel\Desktop\vlc-media-player-seznam-listicka.exe -d C:\Users\Daniel\Desktop
    SearchScopes: HKLM -> DefaultScope {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {9E644027-4B5A-4AAF-8BCF-7F27BBD65FFA} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    CustomCLSID: HKU\S-1-5-21-960529557-3528276582-3652460945-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6998.0830_1\amd64\FileCoAuthLib64.dll => No File
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Na ploche by sa mal vytvorit ZIP archiv s aktualnym datumom a casom v nazve, posli ho ako prilohu k dalsiemu prispevku, pripadne ho nahraj napr. na leteckaposta.cz a posli odkaz na stiahnutie.

Re: Kontrola logu

Napsal: 20 črc 2019 13:36
od danek
Zdravím, tak jsem to udělal a vkládám log. Bohužel zip soubor jsem na ploše nenašel, ale ptalo se mě to, že program FRST chce udělat změny v chráněném souboru s nějakými čísly v názvu, tak jsem zakliknul, že ano.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Daniel (20-07-2019 14:26:13) Run:1
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel & Hanička)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Zip: C:\Windows\Minidump

HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {c531a2c8-9846-11e9-a049-f0def1792787} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {e46f0976-fbb3-11e8-a904-f0def1792787} - E:\HiSuiteDownLoader.exe
IFEO\adwcleaner_7.0.8.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.3.1.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.4.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\iwrap.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\jrt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pcdlauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Task: {D912A71A-817E-4439-A2E2-F0311A3E6628} - System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910} => C:\Windows\system32\pcalua.exe -a C:\Users\Daniel\Desktop\vlc-media-player-seznam-listicka.exe -d C:\Users\Daniel\Desktop
SearchScopes: HKLM -> DefaultScope {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9E644027-4B5A-4AAF-8BCF-7F27BBD65FFA} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CustomCLSID: HKU\S-1-5-21-960529557-3528276582-3652460945-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6998.0830_1\amd64\FileCoAuthLib64.dll => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 4289
Average :
Sum : 227126905732
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

Re: Kontrola logu

Napsal: 20 črc 2019 16:56
od Conder
:arrow: Fixlist sa nevykonal cely. Urob predchadzajuci krok este raz.

Re: Kontrola logu

Napsal: 20 črc 2019 19:25
od danek
Tak ještě jednou, vkládám log a v příloze je i ten zip soubor.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by Daniel (20-07-2019 20:11:41) Run:2
Running from C:\Users\Daniel\Desktop
Loaded Profiles: Daniel (Available Profiles: Daniel & Hanička)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Zip: C:\Windows\Minidump

HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {c531a2c8-9846-11e9-a049-f0def1792787} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\...\MountPoints2: {e46f0976-fbb3-11e8-a904-f0def1792787} - E:\HiSuiteDownLoader.exe
IFEO\adwcleaner_7.0.8.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.3.1.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.2.4.0.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\iwrap.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\jrt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pcdlauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Task: {D912A71A-817E-4439-A2E2-F0311A3E6628} - System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910} => C:\Windows\system32\pcalua.exe -a C:\Users\Daniel\Desktop\vlc-media-player-seznam-listicka.exe -d C:\Users\Daniel\Desktop
SearchScopes: HKLM -> DefaultScope {DFD08979-7A8C-470E-8C45-0F1FD572B07B} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9E644027-4B5A-4AAF-8BCF-7F27BBD65FFA} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CustomCLSID: HKU\S-1-5-21-960529557-3528276582-3652460945-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6998.0830_1\amd64\FileCoAuthLib64.dll => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [466]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 4290
Average :
Sum : 227126914838
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

================== Zip: ===================
C:\Windows\Minidump -> copied successfully to C:\Users\Daniel\Desktop\20.07.2019_20.12.24.zip
=========== Zip: End ===========
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c531a2c8-9846-11e9-a049-f0def1792787} => not found
HKLM\Software\Classes\CLSID\{c531a2c8-9846-11e9-a049-f0def1792787} => not found
HKU\S-1-5-21-960529557-3528276582-3652460945-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e46f0976-fbb3-11e8-a904-f0def1792787} => not found
HKLM\Software\Classes\CLSID\{e46f0976-fbb3-11e8-a904-f0def1792787} => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_7.0.8.0.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_7.2.3.1.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\adwcleaner_7.2.4.0.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bttray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iwrap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jrt.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\panui.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pcdlauncher.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\windvd.exe => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D912A71A-817E-4439-A2E2-F0311A3E6628}" => not found
"C:\Windows\System32\Tasks\{085EBD58-2FDB-436C-B017-8F4BC01F9910}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{085EBD58-2FDB-436C-B017-8F4BC01F9910}" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => not found
HKU\S-1-5-21-960529557-3528276582-3652460945-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5} => not found
"C:\Users\Public\Shared Files" => ":VersionCache" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5211179 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 8384 B
Edge => 0 B
Chrome => 0 B
Firefox => 31299281 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Daniel => 44182 B
Hanička => 0 B

RecycleBin => 0 B
EmptyTemp: => 42.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:12:40 ====

Re: Kontrola logu

Napsal: 20 črc 2019 23:38
od Conder
:arrow: Plocha ma vyse 200 GB, co je prilis vela. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Urob v Malwarebytes uplny sken
  • Otvor Malwarebytes a vlavo klikni na "Skenovat"
  • Klikni na "Vlastne skenovanie" a potom na "Nakonfigurovat skenovanie" (Nastavit sken)
  • Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Vyhladavat rootkity"
  • Klikni na Skenovat teraz a pockaj na dokoncenie
  • Po dokonceni klikni na Exportovat zhrnutie -> Skopirovat do schranky
  • Skopirovany log vloz do dalsej odpovede
  • Obrazkovy navod (bohuzial pre starsiu verziu): https://forum.viry.cz/viewtopic.php?f=29&t=144868

Re: Kontrola logu

Napsal: 21 črc 2019 17:57
od danek
Tak jsem to udělal a zde je výsledek: Skenovalo to snad 5 hodin, hlavně ty soubory.

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 21.07.19
Čas skenování: 12:12
Logovací soubor: 13fc1792-aba0-11e9-8a02-f0def1792787.json

-Informace o softwaru-
Verze: 3.8.3.2965
Verze komponentů: 1.0.613
Aktualizovat verzi balíku komponent: 1.0.11654
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Borovice\Daniel

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 288613
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 4 hod, 38 min, 56 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Re: Kontrola logu

Napsal: 21 črc 2019 20:51
od Conder
:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este problemy?

Re: Kontrola logu

Napsal: 21 črc 2019 22:14
od danek
Zdravím,

děkuji za pomoc. Zdá se mi, že počítač je teď rychlejší :).

Re: Kontrola logu

Napsal: 23 črc 2019 02:59
od Conder
:arrow: To som rad. Tak este upraceme po pouzitych nastrojoch: :arrow: Malwarebytes si uz povodne mal nainstalovany, ak ho vsak uz nepotrebujes, mozes ho tiez odinstalovat.

Re: Kontrola logu

Napsal: 17 zář 2019 08:09
od danek
OK, hotovo, díky.

Re: Kontrola logu

Napsal: 17 zář 2019 15:16
od Conder
Nie je zaco, rad som pomohol :)