PC virus removal, computer speed-up, and remote help via the neslape.cz service

Please, please check my log


#1 Post by matti.sin »

Please check this over; three or more identical windows keep popping up in Mozilla again. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by absender (administrator) on DESKTOP-L1E66R6 (Gigabyte Technology Co., Ltd. B250M-DS3H) (30-01-2021 15:39:42)
Running from C:\Users\absen\OneDrive\Desktop
Loaded Profiles: absender
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_48973fc6c96c696a\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2863840 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\MountPoints2: {e904fb9b-ea10-11ea-9635-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-30] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A9D8DD-C805-46F5-9B76-7EEFD442947E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {1B44D5D6-76F9-402D-95F0-5F4BAEF9B316} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {20266CA5-1927-466B-8CE9-7DA746BDBF90} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251616 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2CD0BA19-9626-417D-A6F8-09F1DA2326F0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [837344 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {429A9758-1C9D-4D04-AD8E-1A4DF813D85C} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)
Task: {43B3FFBA-0447-4C2B-B2BE-6D70D2E9DC9B} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2021-01-09] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid b45ffe40-578f-40a3-a30d-182011146df5
Task: {509F768F-4A31-4417-9C20-C1B3B413FBDB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {56138744-24F0-4AD7-8CE9-C75DD61612D2} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5491424 2021-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {6AAB2ABA-5067-433C-B358-B15DB919E7F8} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4648160 2021-01-24] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df2e2187-a078-4784-a3bf-6fb742189837
Task: {81C72E17-01F9-402F-A9DA-9EA65F41D783} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18144 2020-02-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {9E1A6831-8B8E-43CB-B6BD-6CB79FE857CD} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {A58872EC-F761-4894-8ACE-2FB94CC9E7AF} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15792 2019-02-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {BDB5C631-0FCA-40D5-B19C-578A028286CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {CFE24438-54B8-43F7-B7B0-C8204E08FDE8} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [233184 2020-10-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {EE3D005B-A587-4B34-968B-4FD0F83C2DA2} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {F58F2464-91F8-4FFC-B09F-D3B11F4A2AB4} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [387808 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {FE80DFE9-FDB9-422E-BCB3-2050641C9150} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d425a2fe-1aa1-4b2a-84a4-5f965c9a6349}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\absen\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]

FireFox:
========
FF DefaultProfile: ykb1veku.default
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\ykb1veku.default [2020-08-02]
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release [2021-01-30]
FF Homepage: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> hxxps://web.whatsapp.com
FF Extension: (youtube-flash-html) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2020-12-31]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2020-08-02]
FF Extension: (Dark Theme for Facebook™) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{a2ededde-8633-4305-92f0-46676a0784a3}.xpi [2020-08-02]
FF Extension: (HTML5 Video Player) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{b9601b48-2ef5-4384-b831-565b4d08a5b4}.xpi [2020-12-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR Extension: (Prezentace) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-15]
CHR Extension: (Dokumenty) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-15]
CHR Extension: (Disk Google) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-15]
CHR Extension: (YouTube) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-15]
CHR Extension: (Adobe Acrobat) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-15]
CHR Extension: (Tabulky) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
S4 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144608 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
R2 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
S4 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S4 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125664 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12834584 2021-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-01-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-08-02] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 15:39 - 2021-01-30 15:39 - 000000000 ____D C:\FRST
2021-01-30 14:00 - 2021-01-30 14:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:22 - 000000000 ____D C:\Users\absen\AppData\Local\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:15 - 000000000 ____D C:\Users\absen\AppData\Roaming\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:00 - 029349096 _____ (TeamViewer Germany GmbH) C:\Users\absen\Downloads\TeamViewer_Setup.exe
2021-01-30 14:00 - 2021-01-30 14:00 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-01-27 11:19 - 2021-01-27 11:19 - 000460896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-25 00:08 - 2021-01-25 00:08 - 000000000 ____D C:\Users\absen\OneDrive\Dokumenty\temp
2021-01-25 00:07 - 2021-01-25 00:07 - 000003794 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\Patriot
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\ENE
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\ENE
2021-01-25 00:04 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2021-01-25 00:01 - 2021-01-26 12:16 - 000002660 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2021-01-25 00:01 - 2021-01-26 10:51 - 000002676 _____ C:\WINDOWS\system32\Tasks\EasyTune 1
2021-01-25 00:01 - 2021-01-26 10:51 - 000002576 _____ C:\WINDOWS\system32\Tasks\EasyTune
2021-01-25 00:01 - 2021-01-26 10:51 - 000002566 _____ C:\WINDOWS\system32\Tasks\SIV-VGA
2021-01-25 00:01 - 2021-01-26 10:51 - 000002560 _____ C:\WINDOWS\system32\Tasks\SIV
2021-01-25 00:01 - 2021-01-25 00:02 - 000000000 ____D C:\Program Files\GIGABYTE
2021-01-25 00:01 - 2013-10-28 10:02 - 000022240 _____ C:\WINDOWS\system32\Drivers\AppleCharger.sys
2021-01-25 00:01 - 2013-10-24 17:29 - 000022240 _____ C:\WINDOWS\system32\Drivers\UsbCharger.sys
2021-01-25 00:01 - 2010-04-06 16:30 - 000031272 _____ C:\WINDOWS\system32\AppleChargerSrv.exe
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Users\absen\AppData\Roaming\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-01-24 23:59 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Users\absen\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\ProgramData\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-01-24 23:59 - 2020-01-15 14:02 - 038215254 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-01-24 23:59 - 2019-12-19 08:07 - 002877104 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-01-24 23:58 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Intel
2021-01-24 23:57 - 2021-01-25 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2021-01-24 23:56 - 2021-01-24 23:56 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2021-01-24 23:54 - 2021-01-26 12:16 - 000002624 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Users\absen\AppData\Local\Downloaded Installations
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2021-01-24 23:54 - 2021-01-24 23:54 - 000000000 ____D C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1
2021-01-24 23:54 - 2015-06-02 10:50 - 000005120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\acpimof_ocpanel.dll
2021-01-24 23:53 - 2021-01-24 23:53 - 054106693 _____ C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1.zip
2021-01-24 23:40 - 2021-01-24 23:40 - 002738087 _____ C:\Users\absen\Downloads\mb_driver_chipset_intel_10.1.18243.8188.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 034998662 _____ C:\Users\absen\Downloads\mb_driver_audio_realtek_8703.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 005655597 _____ C:\Users\absen\Downloads\mb_bios_ga-b250m-ds3h_f9.zip
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\Program Files (x86)\FinalWire
2021-01-24 23:14 - 2020-12-31 15:03 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-24 23:14 - 2020-12-31 15:03 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-24 23:08 - 2021-01-24 23:08 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\ProgramData\Desktop\Avast Driver Updater.lnk
2021-01-24 23:05 - 2021-01-24 23:05 - 001093336 _____ (Avast Software) C:\Users\absen\Downloads\avast_driver_updater_online_setup.exe
2021-01-20 21:26 - 2021-01-20 21:26 - 000057648 _____ C:\Users\absen\Downloads\A200115_VEN_028_DANE_2019_MALY_1.XLSX
2021-01-20 12:07 - 2021-01-20 12:08 - 000294291 _____ C:\Users\absen\Downloads\IF_5405_26.pdf
2021-01-20 12:02 - 2021-01-20 12:02 - 000057379 _____ C:\Users\absen\Downloads\A210113_VEN_004_DANE_2020_MALY1.XLSX
2021-01-13 01:40 - 2021-01-13 01:40 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-13 01:39 - 2021-01-13 01:39 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 01:39 - 2021-01-13 01:39 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-13 01:39 - 2021-01-13 01:39 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 01:38 - 2021-01-13 01:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 01:38 - 2021-01-13 01:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 01:38 - 2021-01-13 01:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 01:38 - 2021-01-13 01:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 01:38 - 2021-01-13 01:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 15:31 - 2021-01-30 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-09 15:31 - 2021-01-09 15:31 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\ProgramData\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:30 - 2021-01-09 15:30 - 001093304 _____ (Avast Software) C:\Users\absen\Downloads\avast_cleanup_online_setup.exe
2021-01-09 15:30 - 2021-01-04 14:52 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-04 15:23 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 15:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 15:38 - 2020-08-02 14:04 - 000000000 ____D C:\Users\absen\AppData\LocalLow\Mozilla
2021-01-30 15:31 - 2020-10-15 10:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-30 13:51 - 2020-08-02 14:04 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-30 13:49 - 2020-08-02 14:04 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-30 13:06 - 2020-09-16 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 09:59 - 2020-08-02 14:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-30 09:55 - 2020-08-02 13:48 - 000000000 ____D C:\Users\absen\AppData\Local\Packages
2021-01-30 09:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 09:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-30 09:53 - 2020-10-15 10:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-30 09:53 - 2020-09-16 17:30 - 001609024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 09:53 - 2019-12-07 15:43 - 000683272 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 09:53 - 2019-12-07 15:43 - 000137586 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 09:53 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 09:51 - 2020-08-15 21:38 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-30 09:49 - 2020-09-16 17:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 09:49 - 2020-09-16 17:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-30 09:49 - 2020-08-02 13:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-27 11:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-26 10:51 - 2020-09-16 17:26 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-26 10:51 - 2020-09-16 17:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-26 10:51 - 2020-08-02 17:05 - 000000000 ____D C:\Users\absen\AppData\Local\CrashDumps
2021-01-24 23:59 - 2020-09-16 17:16 - 000000000 ____D C:\Users\absen
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-24 23:08 - 2020-09-16 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-24 23:08 - 2020-08-02 16:11 - 000000000 ____D C:\Program Files\Avast Software
2021-01-24 23:08 - 2020-08-02 14:51 - 000000000 ____D C:\Users\absen\AppData\Roaming\Avast Software
2021-01-24 13:22 - 2020-08-02 17:43 - 000000000 ____D C:\Users\absen\AppData\Local\Adobe
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-17 06:11 - 2020-10-15 10:25 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-17 06:11 - 2020-10-15 10:25 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-17 06:11 - 2020-09-16 17:26 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1975070713-3845745136-328932001-1001
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 01:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 01:38 - 2020-09-16 17:26 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 01:33 - 2020-08-02 15:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 01:32 - 2020-08-02 15:50 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 08:42 - 2020-08-02 14:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 23:22 - 2020-09-16 17:26 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-09 15:32 - 2020-09-16 17:26 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-09 15:32 - 2020-09-15 22:23 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-09 15:32 - 2020-08-02 14:40 - 000000000 ____D C:\Users\absen\AppData\Roaming\uTorrent
2021-01-09 15:30 - 2020-08-02 15:35 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-01-09 15:25 - 2020-09-16 17:26 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-09 15:22 - 2020-12-18 20:44 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-09 15:22 - 2020-09-16 17:16 - 000002361 _____ C:\Users\absen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-09 15:22 - 2020-08-02 16:11 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-09 15:22 - 2020-08-02 16:11 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-09 15:22 - 2020-08-02 13:50 - 000000000 ___RD C:\Users\absen\OneDrive
2021-01-08 03:21 - 2019-11-20 04:00 - 001147352 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-01-05 00:16 - 2020-08-02 15:21 - 000000000 ____D C:\Users\absen\AppData\Roaming\vlc
2021-01-04 15:23 - 2019-10-04 15:51 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2019-10-04 15:32 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 14:19 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-31 14:19 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-31 10:48 - 2020-08-02 13:53 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories ========

2020-08-16 14:29 - 2015-03-17 10:08 - 000025589 _____ () C:\Program Files (x86)\Berime.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026079 _____ () C:\Program Files (x86)\Leame.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025973 _____ () C:\Program Files (x86)\LeesMij.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026230 _____ () C:\Program Files (x86)\Leggimi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025616 _____ () C:\Program Files (x86)\LeiaMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026450 _____ () C:\Program Files (x86)\Liesmich.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027104 _____ () C:\Program Files (x86)\Lisezmoi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025665 _____ () C:\Program Files (x86)\LueMinut.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024876 _____ () C:\Program Files (x86)\ReadMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024716 _____ () C:\Program Files (x86)\ReadMeCS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024661 _____ () C:\Program Files (x86)\ReadMeCT.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027559 _____ () C:\Program Files (x86)\ReadMeCZE.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028458 _____ () C:\Program Files (x86)\ReadMeHUN.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027583 _____ () C:\Program Files (x86)\ReadMeJ.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025709 _____ () C:\Program Files (x86)\ReadMeK.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024407 _____ () C:\Program Files (x86)\ReadMeMEA.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024388 _____ () C:\Program Files (x86)\ReadMeMEH.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026073 _____ () C:\Program Files (x86)\ReadMePOL.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025790 _____ () C:\Program Files (x86)\ReadMeRUS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028250 _____ () C:\Program Files (x86)\ReadMeSKY.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026679 _____ () C:\Program Files (x86)\ReadMeTUR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025802 _____ () C:\Program Files (x86)\ReadMeUKR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025463 _____ () C:\Program Files (x86)\Vigtigt.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025419 _____ () C:\Program Files (x86)\Viktig.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025587 _____ () C:\Program Files (x86)\Viktigt.htm
2020-08-16 14:54 - 2020-08-16 14:54 - 000000000 _____ () C:\Users\absen\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by absender (30-01-2021 15:41:10)
Running from C:\Users\absen\OneDrive\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-09-16 16:27:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

absender (S-1-5-21-1975070713-3845745136-328932001-1001 - Administrator - Enabled) => C:\Users\absen
Administrator (S-1-5-21-1975070713-3845745136-328932001-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1975070713-3845745136-328932001-503 - Limited - Disabled)
Guest (S-1-5-21-1975070713-3845745136-328932001-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1975070713-3845745136-328932001-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Active@ Partition Recovery Ultimate 15 (HKLM\...\{E39DC614-0CB1-41E3-8457-87D58DF29029}_is1) (Version: 15 - LSoft Technologies Inc)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated)
AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9481.1346 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 20.2.1042.2978 - Avast Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE)
Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden
Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\OneDriveSetup.exe) (Version: 20.219.1029.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8881.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1015.1 - GIGABYTE)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.18.0911.1 - GIGABYTE)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.3 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-14] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-02] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-01-25] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-04-30 15:28 - 2020-04-30 15:28 - 001866752 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\BDR_info.dll
2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll
2020-03-05 23:11 - 2020-03-05 23:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\yccV2.dll
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2021-01-25 00:02 - 2013-03-08 11:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\RescuePlan.dll
2021-01-25 00:02 - 2014-09-15 16:52 - 000705536 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\srpCore.dll
2020-07-08 10:49 - 2020-07-08 10:49 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2018-09-11 19:53 - 2018-09-11 19:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2020-08-04 06:02 - 2020-08-04 06:02 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2020-08-04 06:02 - 2020-08-04 06:02 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2019-02-26 16:03 - 2019-02-26 16:03 - 001690112 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\FBIOS.dll
2020-07-23 11:48 - 2020-07-23 11:48 - 002102272 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\flash.dll
2015-10-14 01:15 - 2015-10-14 01:15 - 002042368 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\osvi.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2020-10-12 10:47 - 2020-10-12 10:47 - 000486912 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2020-10-06 10:47 - 2020-10-06 10:47 - 002107392 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2020-08-02 15:53 - 000000990 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 75.126.120.203
127.0.0.1 46.4.58.71
127.0.0.1 46.4.62.150
127.0.0.1 46.4.28.80

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1975070713-3845745136-328932001-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\absen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D0FC4857-01EA-4F85-ACCF-3F7BB7596950}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3EB1886-6DA5-46F1-AF82-E065A4532F50}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{650C6E36-EEC5-4144-9DE8-24D6776C3CE9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{9604BE7E-99F6-43BA-96C7-2B4ABE5186EB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{10632098-5C61-4388-A376-E484AB7FB380}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EE2B15BD-BB1A-4AFC-8B71-EA9FF04C007A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1F814002-E2AF-41E4-8E90-CBD6C666BCEE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{FF046793-038F-4E29-8F50-CAA3878B766F}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{06C53832-A07A-4844-A228-3B6D250C16B0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{5559C675-8382-4F4C-A212-3AE6775A3BC5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{1E29E840-8D34-43AA-94D2-DB4167ABB39E}] => (Allow) LPort=9009
FirewallRules: [{9C6901C5-F9B6-4589-9632-459FE393ED6C}] => (Allow) LPort=9009
FirewallRules: [{FAA455DA-165A-480E-8473-9CB204C0BDCD}] => (Allow) LPort=9009
FirewallRules: [{5C643DA4-6D95-4B19-9139-19DDCCB9610C}] => (Allow) LPort=9009
FirewallRules: [{196D6A50-C2AD-4313-B21B-390B96B422AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{607FEFB5-271C-4DCB-9BD5-C3F4B96E7901}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C4CA69-1F15-45C1-A924-088B20DDA7E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F96455BA-FB41-4175-A53F-B07010796BE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AD99580-927E-4FE3-AC8D-328ABABB6B00}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DD8E987D-26BA-49F6-8205-82C1791CDBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3474238D-0977-4202-BF62-82309AB76D54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{795C2288-837B-464A-AE78-E3D3A272702C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6EA7A791-A40D-41DA-8D34-E2A0FCE1FC43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04293312-474C-4B34-B862-D46FDC9BFA4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CD9381AE-44C3-4E0D-AF95-D5B13A7A2409}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F48473EA-3C00-4892-90CB-2776F477D671}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81D6B86A-4206-4FB4-98B9-E9D5739B6AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AE2542E-6B44-46D4-B14E-BC9A64CD60D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35DF1A6A-DCC0-4767-9451-E5C6C09093FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61673F63-0016-4851-B10D-6D54D1DB0DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8199B76F-E8CF-42D0-9CFA-540ED87C6143}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

25-01-2021 00:26:56 Avast Driver Updater - Update 2 Device(s)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2021 09:59:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etinit.exe, verze: 8.0.0.10, časové razítko: 0x5c6e5df7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0xd4c
Čas spuštění chybující aplikace: 0x01d6f3c68010ed01
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2b2267a3-5783-4525-ae2b-fe900d1602c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etocfile.exe, verze: 8.0.0.16, časové razítko: 0x5e4663a1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d6f3c6800a6cc0
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3b508876-7aa2-4ce6-a64f-5833d2360ee9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etinit.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etinit.Program.Main(System.String[])

Error: (01/26/2021 10:34:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etocfile.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etocfile.Program.Main(System.String[])

Error: (01/25/2021 09:58:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etocfile.exe, verze: 8.0.0.16, časové razítko: 0x5e4663a1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27d0
Čas spuštění chybující aplikace: 0x01d6f2f83e785912
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: db136a6e-9301-48b2-a03d-c32c1f0a2d91
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/25/2021 09:58:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etinit.exe, verze: 8.0.0.10, časové razítko: 0x5c6e5df7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27e8
Čas spuštění chybující aplikace: 0x01d6f2f83e7bc944
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: b71dfcdd-55a2-4499-9602-f81ddd06a8bd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/25/2021 09:58:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etocfile.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etocfile.Program.Main(System.String[])


System errors:
=============
Error: (01/27/2021 11:40:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/25/2021 12:04:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Gservice je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/17/2021 10:24:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba SysMain byla ukončena s následující chybou:
Parametr není správný.

Error: (01/05/2021 12:17:00 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe!App se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/26/2020 12:41:53 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (12/15/2020 12:15:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/05/2020 12:09:26 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (12/05/2020 12:08:59 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===================================

Date: 2021-01-30 15:39:13.2850000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-30 13:16:28.8190000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:16:10.0310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:16:07.3980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:16:05.1970000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:15:59.5440000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:15:59.3830000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-30 13:15:57.7040000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 27%
Total physical RAM: 16344.08 MB
Available physical RAM: 11854.77 MB
Total Virtual: 18776.08 MB
Available Virtual: 12019.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:189.81 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:929.19 GB) NTFS

\\?\Volume{c9995cf1-9ee5-4cfd-a40f-fd59eac485dd}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{ab6c7d13-5fb0-4c46-9987-9d6b51296447}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: please, please check my log

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes ticked, along with any threats found, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#3 Post by matti.sin »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\absen\AppData\Local\slimware utilities inc

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1628 octets] - [30/01/2021 18:34:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: please, please check my log

#4 Post by Diallix »

Good. Please post new FRST + ADDITION logs.

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#5 Post by matti.sin »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by absender (administrator) on DESKTOP-L1E66R6 (Gigabyte Technology Co., Ltd. B250M-DS3H) (30-01-2021 19:07:34)
Running from C:\Users\absen\OneDrive\Desktop
Loaded Profiles: absender
Platform: Windows 10 Pro Version 20H2 19042.746 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2863840 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\MountPoints2: {e904fb9b-ea10-11ea-9635-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-30] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A9D8DD-C805-46F5-9B76-7EEFD442947E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {1B44D5D6-76F9-402D-95F0-5F4BAEF9B316} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {20266CA5-1927-466B-8CE9-7DA746BDBF90} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251616 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2CD0BA19-9626-417D-A6F8-09F1DA2326F0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [837344 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {429A9758-1C9D-4D04-AD8E-1A4DF813D85C} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)
Task: {43B3FFBA-0447-4C2B-B2BE-6D70D2E9DC9B} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2021-01-09] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid b45ffe40-578f-40a3-a30d-182011146df5
Task: {509F768F-4A31-4417-9C20-C1B3B413FBDB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {56138744-24F0-4AD7-8CE9-C75DD61612D2} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5491424 2021-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {6AAB2ABA-5067-433C-B358-B15DB919E7F8} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4648160 2021-01-24] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df2e2187-a078-4784-a3bf-6fb742189837
Task: {81C72E17-01F9-402F-A9DA-9EA65F41D783} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18144 2020-02-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {9E1A6831-8B8E-43CB-B6BD-6CB79FE857CD} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {A58872EC-F761-4894-8ACE-2FB94CC9E7AF} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15792 2019-02-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {BDB5C631-0FCA-40D5-B19C-578A028286CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {CFE24438-54B8-43F7-B7B0-C8204E08FDE8} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [233184 2020-10-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {EE3D005B-A587-4B34-968B-4FD0F83C2DA2} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {F58F2464-91F8-4FFC-B09F-D3B11F4A2AB4} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [387808 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {FE80DFE9-FDB9-422E-BCB3-2050641C9150} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d425a2fe-1aa1-4b2a-84a4-5f965c9a6349}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\absen\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]

FireFox:
========
FF DefaultProfile: ykb1veku.default
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\ykb1veku.default [2020-08-02]
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release [2021-01-30]
FF Homepage: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> hxxps://web.whatsapp.com
FF Extension: (youtube-flash-html) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2020-12-31]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2020-08-02]
FF Extension: (Dark Theme for Facebook™) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{a2ededde-8633-4305-92f0-46676a0784a3}.xpi [2020-08-02]
FF Extension: (HTML5 Video Player) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{b9601b48-2ef5-4384-b831-565b4d08a5b4}.xpi [2020-12-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default [2021-01-09]
CHR Extension: (Prezentace) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-15]
CHR Extension: (Dokumenty) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-15]
CHR Extension: (Disk Google) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-15]
CHR Extension: (YouTube) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-15]
CHR Extension: (Adobe Acrobat) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-15]
CHR Extension: (Tabulky) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
S4 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144608 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
S4 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
S4 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S4 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125664 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12834584 2021-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-01-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 18:34 - 2021-01-30 18:36 - 000000000 ____D C:\AdwCleaner
2021-01-30 15:39 - 2021-01-30 19:07 - 000000000 ____D C:\FRST
2021-01-30 14:00 - 2021-01-30 14:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:22 - 000000000 ____D C:\Users\absen\AppData\Local\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:15 - 000000000 ____D C:\Users\absen\AppData\Roaming\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:00 - 029349096 _____ (TeamViewer Germany GmbH) C:\Users\absen\Downloads\TeamViewer_Setup.exe
2021-01-30 14:00 - 2021-01-30 14:00 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-01-27 11:19 - 2021-01-27 11:19 - 000460896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-25 00:08 - 2021-01-25 00:08 - 000000000 ____D C:\Users\absen\OneDrive\Dokumenty\temp
2021-01-25 00:07 - 2021-01-25 00:07 - 000003794 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\Patriot
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\ENE
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\ENE
2021-01-25 00:04 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2021-01-25 00:01 - 2021-01-26 12:16 - 000002660 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2021-01-25 00:01 - 2021-01-26 10:51 - 000002676 _____ C:\WINDOWS\system32\Tasks\EasyTune 1
2021-01-25 00:01 - 2021-01-26 10:51 - 000002576 _____ C:\WINDOWS\system32\Tasks\EasyTune
2021-01-25 00:01 - 2021-01-26 10:51 - 000002566 _____ C:\WINDOWS\system32\Tasks\SIV-VGA
2021-01-25 00:01 - 2021-01-26 10:51 - 000002560 _____ C:\WINDOWS\system32\Tasks\SIV
2021-01-25 00:01 - 2021-01-25 00:02 - 000000000 ____D C:\Program Files\GIGABYTE
2021-01-25 00:01 - 2013-10-28 10:02 - 000022240 _____ C:\WINDOWS\system32\Drivers\AppleCharger.sys
2021-01-25 00:01 - 2013-10-24 17:29 - 000022240 _____ C:\WINDOWS\system32\Drivers\UsbCharger.sys
2021-01-25 00:01 - 2010-04-06 16:30 - 000031272 _____ C:\WINDOWS\system32\AppleChargerSrv.exe
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Users\absen\AppData\Roaming\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-01-24 23:59 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Users\absen\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\ProgramData\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-01-24 23:59 - 2020-01-15 14:02 - 038215254 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-01-24 23:59 - 2019-12-19 08:07 - 002877104 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-01-24 23:58 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Intel
2021-01-24 23:57 - 2021-01-25 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2021-01-24 23:56 - 2021-01-24 23:56 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2021-01-24 23:54 - 2021-01-26 12:16 - 000002624 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Users\absen\AppData\Local\Downloaded Installations
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2021-01-24 23:54 - 2021-01-24 23:54 - 000000000 ____D C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1
2021-01-24 23:54 - 2015-06-02 10:50 - 000005120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\acpimof_ocpanel.dll
2021-01-24 23:53 - 2021-01-24 23:53 - 054106693 _____ C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1.zip
2021-01-24 23:40 - 2021-01-24 23:40 - 002738087 _____ C:\Users\absen\Downloads\mb_driver_chipset_intel_10.1.18243.8188.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 034998662 _____ C:\Users\absen\Downloads\mb_driver_audio_realtek_8703.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 005655597 _____ C:\Users\absen\Downloads\mb_bios_ga-b250m-ds3h_f9.zip
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\Program Files (x86)\FinalWire
2021-01-24 23:14 - 2020-12-31 15:03 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-24 23:14 - 2020-12-31 15:03 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-24 23:08 - 2021-01-24 23:08 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\ProgramData\Desktop\Avast Driver Updater.lnk
2021-01-24 23:05 - 2021-01-24 23:05 - 001093336 _____ (Avast Software) C:\Users\absen\Downloads\avast_driver_updater_online_setup.exe
2021-01-20 21:26 - 2021-01-20 21:26 - 000057648 _____ C:\Users\absen\Downloads\A200115_VEN_028_DANE_2019_MALY_1.XLSX
2021-01-20 12:07 - 2021-01-20 12:08 - 000294291 _____ C:\Users\absen\Downloads\IF_5405_26.pdf
2021-01-20 12:02 - 2021-01-20 12:02 - 000057379 _____ C:\Users\absen\Downloads\A210113_VEN_004_DANE_2020_MALY1.XLSX
2021-01-13 01:40 - 2021-01-13 01:40 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-13 01:39 - 2021-01-13 01:39 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 01:39 - 2021-01-13 01:39 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-13 01:39 - 2021-01-13 01:39 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-13 01:38 - 2021-01-13 01:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 01:38 - 2021-01-13 01:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 01:38 - 2021-01-13 01:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 01:38 - 2021-01-13 01:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 01:38 - 2021-01-13 01:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 15:31 - 2021-01-30 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-09 15:31 - 2021-01-09 15:31 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\ProgramData\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:30 - 2021-01-09 15:30 - 001093304 _____ (Avast Software) C:\Users\absen\Downloads\avast_cleanup_online_setup.exe
2021-01-09 15:30 - 2021-01-04 14:52 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001855192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-04 15:28 - 2021-01-04 15:28 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 001094880 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-04 15:28 - 2021-01-04 15:28 - 000948952 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 002104216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 001165720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000813976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000673688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-01-04 15:26 - 2021-01-04 15:26 - 000548248 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 008262552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 007393176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446109.dll
2021-01-04 15:25 - 2021-01-04 15:25 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446109.dll
2021-01-04 15:23 - 2021-01-04 15:23 - 006071032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 19:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 19:06 - 2020-08-02 14:04 - 000000000 ____D C:\Users\absen\AppData\LocalLow\Mozilla
2021-01-30 18:55 - 2020-09-16 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-30 18:51 - 2020-08-02 14:04 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-30 18:36 - 2020-08-02 13:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-30 15:31 - 2020-10-15 10:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-30 13:49 - 2020-08-02 14:04 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-30 09:59 - 2020-08-02 14:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-01-30 09:55 - 2020-08-02 13:48 - 000000000 ____D C:\Users\absen\AppData\Local\Packages
2021-01-30 09:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 09:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-30 09:53 - 2020-10-15 10:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-30 09:53 - 2020-09-16 17:30 - 001609024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 09:53 - 2019-12-07 15:43 - 000683272 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 09:53 - 2019-12-07 15:43 - 000137586 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 09:53 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 09:51 - 2020-08-15 21:38 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-30 09:49 - 2020-09-16 17:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 09:49 - 2020-09-16 17:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-27 11:40 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-26 10:51 - 2020-09-16 17:26 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-26 10:51 - 2020-09-16 17:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-26 10:51 - 2020-08-02 17:05 - 000000000 ____D C:\Users\absen\AppData\Local\CrashDumps
2021-01-24 23:59 - 2020-09-16 17:16 - 000000000 ____D C:\Users\absen
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-24 23:08 - 2020-09-16 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-24 23:08 - 2020-08-02 16:11 - 000000000 ____D C:\Program Files\Avast Software
2021-01-24 23:08 - 2020-08-02 14:51 - 000000000 ____D C:\Users\absen\AppData\Roaming\Avast Software
2021-01-24 13:22 - 2020-08-02 17:43 - 000000000 ____D C:\Users\absen\AppData\Local\Adobe
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-17 06:11 - 2020-10-15 10:25 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-17 06:11 - 2020-10-15 10:25 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-17 06:11 - 2020-09-16 17:26 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1975070713-3845745136-328932001-1001
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 01:42 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-13 01:38 - 2020-09-16 17:26 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 01:33 - 2020-08-02 15:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 01:32 - 2020-08-02 15:50 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 08:42 - 2020-08-02 14:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 23:22 - 2020-09-16 17:26 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-09 15:32 - 2020-09-16 17:26 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-09 15:32 - 2020-09-15 22:23 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-09 15:32 - 2020-08-02 14:40 - 000000000 ____D C:\Users\absen\AppData\Roaming\uTorrent
2021-01-09 15:30 - 2020-08-02 15:35 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-01-09 15:25 - 2020-09-16 17:26 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-09 15:22 - 2020-12-18 20:44 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-09 15:22 - 2020-09-16 17:16 - 000002361 _____ C:\Users\absen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-09 15:22 - 2020-08-02 16:11 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-09 15:22 - 2020-08-02 16:11 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-09 15:22 - 2020-08-02 13:50 - 000000000 ___RD C:\Users\absen\OneDrive
2021-01-08 03:21 - 2019-11-20 04:00 - 001147352 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-01-05 00:16 - 2020-08-02 15:21 - 000000000 ____D C:\Users\absen\AppData\Roaming\vlc
2021-01-04 15:23 - 2019-10-04 15:51 - 007115280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-31 15:03 - 2019-10-04 15:32 - 000060966 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-31 14:19 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-31 14:19 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-31 10:48 - 2020-08-02 13:53 - 005623272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 002637800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000122344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-31 10:48 - 2020-08-02 13:53 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Files in the root of some directories ========

2020-08-16 14:29 - 2015-03-17 10:08 - 000025589 _____ () C:\Program Files (x86)\Berime.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026079 _____ () C:\Program Files (x86)\Leame.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025973 _____ () C:\Program Files (x86)\LeesMij.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026230 _____ () C:\Program Files (x86)\Leggimi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025616 _____ () C:\Program Files (x86)\LeiaMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026450 _____ () C:\Program Files (x86)\Liesmich.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027104 _____ () C:\Program Files (x86)\Lisezmoi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025665 _____ () C:\Program Files (x86)\LueMinut.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024876 _____ () C:\Program Files (x86)\ReadMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024716 _____ () C:\Program Files (x86)\ReadMeCS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024661 _____ () C:\Program Files (x86)\ReadMeCT.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027559 _____ () C:\Program Files (x86)\ReadMeCZE.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028458 _____ () C:\Program Files (x86)\ReadMeHUN.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027583 _____ () C:\Program Files (x86)\ReadMeJ.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025709 _____ () C:\Program Files (x86)\ReadMeK.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024407 _____ () C:\Program Files (x86)\ReadMeMEA.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024388 _____ () C:\Program Files (x86)\ReadMeMEH.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026073 _____ () C:\Program Files (x86)\ReadMePOL.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025790 _____ () C:\Program Files (x86)\ReadMeRUS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028250 _____ () C:\Program Files (x86)\ReadMeSKY.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026679 _____ () C:\Program Files (x86)\ReadMeTUR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025802 _____ () C:\Program Files (x86)\ReadMeUKR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025463 _____ () C:\Program Files (x86)\Vigtigt.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025419 _____ () C:\Program Files (x86)\Viktig.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025587 _____ () C:\Program Files (x86)\Viktigt.htm
2020-08-16 14:54 - 2020-08-16 14:54 - 000000000 _____ () C:\Users\absen\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by absender (30-01-2021 19:08:54)
Running from C:\Users\absen\OneDrive\Desktop
Windows 10 Pro Version 20H2 19042.746 (X64) (2020-09-16 16:27:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

absender (S-1-5-21-1975070713-3845745136-328932001-1001 - Administrator - Enabled) => C:\Users\absen
Administrator (S-1-5-21-1975070713-3845745136-328932001-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1975070713-3845745136-328932001-503 - Limited - Disabled)
Guest (S-1-5-21-1975070713-3845745136-328932001-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1975070713-3845745136-328932001-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Active@ Partition Recovery Ultimate 15 (HKLM\...\{E39DC614-0CB1-41E3-8457-87D58DF29029}_is1) (Version: 15 - LSoft Technologies Inc)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated)
AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9481.1346 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 20.2.1042.2978 - Avast Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE)
Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden
Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\OneDriveSetup.exe) (Version: 20.219.1029.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8881.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1015.1 - GIGABYTE)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.18.0911.1 - GIGABYTE)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.3 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-14] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-02] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-01-25] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-05 23:11 - 2020-03-05 23:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2020-08-02 15:53 - 000000990 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 75.126.120.203
127.0.0.1 46.4.58.71
127.0.0.1 46.4.62.150
127.0.0.1 46.4.28.80

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1975070713-3845745136-328932001-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\absen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D0FC4857-01EA-4F85-ACCF-3F7BB7596950}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3EB1886-6DA5-46F1-AF82-E065A4532F50}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{650C6E36-EEC5-4144-9DE8-24D6776C3CE9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{9604BE7E-99F6-43BA-96C7-2B4ABE5186EB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{10632098-5C61-4388-A376-E484AB7FB380}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EE2B15BD-BB1A-4AFC-8B71-EA9FF04C007A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1F814002-E2AF-41E4-8E90-CBD6C666BCEE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{FF046793-038F-4E29-8F50-CAA3878B766F}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{06C53832-A07A-4844-A228-3B6D250C16B0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{5559C675-8382-4F4C-A212-3AE6775A3BC5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{1E29E840-8D34-43AA-94D2-DB4167ABB39E}] => (Allow) LPort=9009
FirewallRules: [{9C6901C5-F9B6-4589-9632-459FE393ED6C}] => (Allow) LPort=9009
FirewallRules: [{FAA455DA-165A-480E-8473-9CB204C0BDCD}] => (Allow) LPort=9009
FirewallRules: [{5C643DA4-6D95-4B19-9139-19DDCCB9610C}] => (Allow) LPort=9009
FirewallRules: [{196D6A50-C2AD-4313-B21B-390B96B422AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{607FEFB5-271C-4DCB-9BD5-C3F4B96E7901}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C4CA69-1F15-45C1-A924-088B20DDA7E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F96455BA-FB41-4175-A53F-B07010796BE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AD99580-927E-4FE3-AC8D-328ABABB6B00}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DD8E987D-26BA-49F6-8205-82C1791CDBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3474238D-0977-4202-BF62-82309AB76D54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{795C2288-837B-464A-AE78-E3D3A272702C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6EA7A791-A40D-41DA-8D34-E2A0FCE1FC43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04293312-474C-4B34-B862-D46FDC9BFA4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CD9381AE-44C3-4E0D-AF95-D5B13A7A2409}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F48473EA-3C00-4892-90CB-2776F477D671}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81D6B86A-4206-4FB4-98B9-E9D5739B6AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AE2542E-6B44-46D4-B14E-BC9A64CD60D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35DF1A6A-DCC0-4767-9451-E5C6C09093FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61673F63-0016-4851-B10D-6D54D1DB0DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8199B76F-E8CF-42D0-9CFA-540ED87C6143}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

25-01-2021 00:26:56 Avast Driver Updater - Update 2 Device(s)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2021 09:59:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etinit.exe, verze: 8.0.0.10, časové razítko: 0x5c6e5df7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0xd4c
Čas spuštění chybující aplikace: 0x01d6f3c68010ed01
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2b2267a3-5783-4525-ae2b-fe900d1602c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etocfile.exe, verze: 8.0.0.16, časové razítko: 0x5e4663a1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d6f3c6800a6cc0
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3b508876-7aa2-4ce6-a64f-5833d2360ee9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etinit.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etinit.Program.Main(System.String[])

Error: (01/26/2021 10:34:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etocfile.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etocfile.Program.Main(System.String[])

Error: (01/25/2021 09:58:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etocfile.exe, verze: 8.0.0.16, časové razítko: 0x5e4663a1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27d0
Čas spuštění chybující aplikace: 0x01d6f2f83e785912
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: db136a6e-9301-48b2-a03d-c32c1f0a2d91
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/25/2021 09:58:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etinit.exe, verze: 8.0.0.10, časové razítko: 0x5c6e5df7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27e8
Čas spuštění chybující aplikace: 0x01d6f2f83e7bc944
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: b71dfcdd-55a2-4499-9602-f81ddd06a8bd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/25/2021 09:58:28 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etocfile.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etocfile.Program.Main(System.String[])


System errors:
=============
Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba GIGABYTE Adjust byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/27/2021 11:40:06 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/25/2021 12:04:54 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba Gservice je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================

Date: 2021-01-30 19:07:10.3890000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-30 19:04:59.2730000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 19:04:58.5910000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 19:04:58.4710000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 18:45:51.8140000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 18:45:51.1640000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 18:45:51.0350000Z
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-01-30 18:38:02.3430000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 25%
Total physical RAM: 16344.08 MB
Available physical RAM: 12140.59 MB
Total Virtual: 18776.08 MB
Available Virtual: 12978.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:188.84 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:929.19 GB) NTFS

\\?\Volume{c9995cf1-9ee5-4cfd-a40f-fd59eac485dd}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{ab6c7d13-5fb0-4c46-9987-9d6b51296447}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 80B49758)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: please, please check my log

#6 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\MountPoints2: {e904fb9b-ea10-11ea-9635-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04A9D8DD-C805-46F5-9B76-7EEFD442947E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {1B44D5D6-76F9-402D-95F0-5F4BAEF9B316} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2020-08-16 14:29 - 2015-03-17 10:08 - 000025589 _____ () C:\Program Files (x86)\Berime.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026079 _____ () C:\Program Files (x86)\Leame.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025973 _____ () C:\Program Files (x86)\LeesMij.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026230 _____ () C:\Program Files (x86)\Leggimi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025616 _____ () C:\Program Files (x86)\LeiaMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026450 _____ () C:\Program Files (x86)\Liesmich.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027104 _____ () C:\Program Files (x86)\Lisezmoi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025665 _____ () C:\Program Files (x86)\LueMinut.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024876 _____ () C:\Program Files (x86)\ReadMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024716 _____ () C:\Program Files (x86)\ReadMeCS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024661 _____ () C:\Program Files (x86)\ReadMeCT.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027559 _____ () C:\Program Files (x86)\ReadMeCZE.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028458 _____ () C:\Program Files (x86)\ReadMeHUN.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027583 _____ () C:\Program Files (x86)\ReadMeJ.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025709 _____ () C:\Program Files (x86)\ReadMeK.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024407 _____ () C:\Program Files (x86)\ReadMeMEA.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024388 _____ () C:\Program Files (x86)\ReadMeMEH.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026073 _____ () C:\Program Files (x86)\ReadMePOL.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025790 _____ () C:\Program Files (x86)\ReadMeRUS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028250 _____ () C:\Program Files (x86)\ReadMeSKY.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026679 _____ () C:\Program Files (x86)\ReadMeTUR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025802 _____ () C:\Program Files (x86)\ReadMeUKR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025463 _____ () C:\Program Files (x86)\Vigtigt.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025419 _____ () C:\Program Files (x86)\Viktig.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025587 _____ () C:\Program Files (x86)\Viktigt.htm
FirewallRules: [{1E29E840-8D34-43AA-94D2-DB4167ABB39E}] => (Allow) LPort=9009
FirewallRules: [{9C6901C5-F9B6-4589-9632-459FE393ED6C}] => (Allow) LPort=9009
FirewallRules: [{FAA455DA-165A-480E-8473-9CB204C0BDCD}] => (Allow) LPort=9009
FirewallRules: [{5C643DA4-6D95-4B19-9139-19DDCCB9610C}] => (Allow) LPort=9009
2021-01-17 06:11 - 2020-10-15 10:25 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-17 06:11 - 2020-10-15 10:25 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#7 Post by matti.sin »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by absender (30-01-2021 19:43:07) Run:1
Running from C:\Users\absen\OneDrive\Desktop
Loaded Profiles: absender
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\MountPoints2: {e904fb9b-ea10-11ea-9635-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {04A9D8DD-C805-46F5-9B76-7EEFD442947E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-15] (Google LLC -> Google LLC)
Task: {1B44D5D6-76F9-402D-95F0-5F4BAEF9B316} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2020-08-16 14:29 - 2015-03-17 10:08 - 000025589 _____ () C:\Program Files (x86)\Berime.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026079 _____ () C:\Program Files (x86)\Leame.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025973 _____ () C:\Program Files (x86)\LeesMij.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026230 _____ () C:\Program Files (x86)\Leggimi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025616 _____ () C:\Program Files (x86)\LeiaMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026450 _____ () C:\Program Files (x86)\Liesmich.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027104 _____ () C:\Program Files (x86)\Lisezmoi.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025665 _____ () C:\Program Files (x86)\LueMinut.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024876 _____ () C:\Program Files (x86)\ReadMe.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024716 _____ () C:\Program Files (x86)\ReadMeCS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024661 _____ () C:\Program Files (x86)\ReadMeCT.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027559 _____ () C:\Program Files (x86)\ReadMeCZE.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028458 _____ () C:\Program Files (x86)\ReadMeHUN.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000027583 _____ () C:\Program Files (x86)\ReadMeJ.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025709 _____ () C:\Program Files (x86)\ReadMeK.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024407 _____ () C:\Program Files (x86)\ReadMeMEA.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000024388 _____ () C:\Program Files (x86)\ReadMeMEH.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026073 _____ () C:\Program Files (x86)\ReadMePOL.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025790 _____ () C:\Program Files (x86)\ReadMeRUS.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000028250 _____ () C:\Program Files (x86)\ReadMeSKY.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000026679 _____ () C:\Program Files (x86)\ReadMeTUR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025802 _____ () C:\Program Files (x86)\ReadMeUKR.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025463 _____ () C:\Program Files (x86)\Vigtigt.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025419 _____ () C:\Program Files (x86)\Viktig.htm
2020-08-16 14:29 - 2015-03-17 10:08 - 000025587 _____ () C:\Program Files (x86)\Viktigt.htm
FirewallRules: [{1E29E840-8D34-43AA-94D2-DB4167ABB39E}] => (Allow) LPort=9009
FirewallRules: [{9C6901C5-F9B6-4589-9632-459FE393ED6C}] => (Allow) LPort=9009
FirewallRules: [{FAA455DA-165A-480E-8473-9CB204C0BDCD}] => (Allow) LPort=9009
FirewallRules: [{5C643DA4-6D95-4B19-9139-19DDCCB9610C}] => (Allow) LPort=9009
2021-01-17 06:11 - 2020-10-15 10:25 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-17 06:11 - 2020-10-15 10:25 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
Hosts:
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => removed successfully
HKU\S-1-5-21-1975070713-3845745136-328932001-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e904fb9b-ea10-11ea-9635-e0d55e1a247e} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{04A9D8DD-C805-46F5-9B76-7EEFD442947E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04A9D8DD-C805-46F5-9B76-7EEFD442947E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B44D5D6-76F9-402D-95F0-5F4BAEF9B316}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B44D5D6-76F9-402D-95F0-5F4BAEF9B316}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\Program Files (x86)\Berime.htm => moved successfully
C:\Program Files (x86)\Leame.htm => moved successfully
C:\Program Files (x86)\LeesMij.htm => moved successfully
C:\Program Files (x86)\Leggimi.htm => moved successfully
C:\Program Files (x86)\LeiaMe.htm => moved successfully
C:\Program Files (x86)\Liesmich.htm => moved successfully
C:\Program Files (x86)\Lisezmoi.htm => moved successfully
C:\Program Files (x86)\LueMinut.htm => moved successfully
C:\Program Files (x86)\ReadMe.htm => moved successfully
C:\Program Files (x86)\ReadMeCS.htm => moved successfully
C:\Program Files (x86)\ReadMeCT.htm => moved successfully
C:\Program Files (x86)\ReadMeCZE.htm => moved successfully
C:\Program Files (x86)\ReadMeHUN.htm => moved successfully
C:\Program Files (x86)\ReadMeJ.htm => moved successfully
C:\Program Files (x86)\ReadMeK.htm => moved successfully
C:\Program Files (x86)\ReadMeMEA.htm => moved successfully
C:\Program Files (x86)\ReadMeMEH.htm => moved successfully
C:\Program Files (x86)\ReadMePOL.htm => moved successfully
C:\Program Files (x86)\ReadMeRUS.htm => moved successfully
C:\Program Files (x86)\ReadMeSKY.htm => moved successfully
C:\Program Files (x86)\ReadMeTUR.htm => moved successfully
C:\Program Files (x86)\ReadMeUKR.htm => moved successfully
C:\Program Files (x86)\Vigtigt.htm => moved successfully
C:\Program Files (x86)\Viktig.htm => moved successfully
C:\Program Files (x86)\Viktigt.htm => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E29E840-8D34-43AA-94D2-DB4167ABB39E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C6901C5-F9B6-4589-9632-459FE393ED6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAA455DA-165A-480E-8473-9CB204C0BDCD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C643DA4-6D95-4B19-9139-19DDCCB9610C}" => removed successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13857279 B
Java, Flash, Steam htmlcache => 1451 B
Windows/system/drivers => 45241228 B
Edge => 88236 B
Chrome => 1385184 B
Firefox => 1127370486 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 93266 B
NetworkService => 93266 B
absen => 610250188 B

RecycleBin => 47992117 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:43:37 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: please, please check my log

#8 Post by Diallix »

OK, how is the computer doing?

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#9 Post by matti.sin »

Mozilla is quiet, but Microsoft Edge keeps opening by itself even though I don't use it; Avast does put it to sleep, though

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#10 Post by matti.sin »

So it was quiet for one day, and now the empty windows popping up in Mozilla are back again :(

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: please, please check my log

#11 Post by Diallix »

Please post new FRST + Addition logs here.

matti.sin
Visitor
Posts: 41
Registered: 16 Mar 2018 23:27

Re: please, please check my log

#12 Post by matti.sin »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-02-2021
Ran by absender (administrator) on DESKTOP-L1E66R6 (Gigabyte Technology Co., Ltd. B250M-DS3H) (04-02-2021 18:05:57)
Running from C:\Users\absen\OneDrive\Desktop
Loaded Profiles: absender
Platform: Windows 10 Pro Version 20H2 19042.789 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <3>
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\RGBFusion\RGBFusion.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> Gigabyte Technology CO.) C:\Program Files\GIGABYTE\Smart Backup\RPMDaemon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_186a3f5e688b24d7\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\absen\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1223224 2021-01-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2596704 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [2863840 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\RunOnce: [RPMKickstart] => C:\Program Files\GIGABYTE\Smart Backup\RPMKickstartEx.exe [2320384 2014-04-01] (TODO: <Company name>) [File not signed]
HKLM-x32\...\RunOnce: [DualBiosRescue] => C:\Program Files (x86)\GIGABYTE\GigabyteFirmwareUpdateUtility\dbrro.exe [12096 2015-08-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM-x32\...\RunOnce: [SelLed] => C:\Program Files (x86)\GIGABYTE\RGBFusion\RunLed.exe [50096 2019-04-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-30] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20266CA5-1927-466B-8CE9-7DA746BDBF90} - System32\Tasks\LiquidSensord => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\LiquidSensord.exe [251616 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2CD0BA19-9626-417D-A6F8-09F1DA2326F0} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {429A9758-1C9D-4D04-AD8E-1A4DF813D85C} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5442656 2020-11-25] (Avast Software s.r.o. -> Avast Software)
Task: {43B3FFBA-0447-4C2B-B2BE-6D70D2E9DC9B} - System32\Tasks\Avast Software\Avast Cleanup Update BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [2812624 2021-01-09] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid b45ffe40-578f-40a3-a30d-182011146df5
Task: {509F768F-4A31-4417-9C20-C1B3B413FBDB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {56138744-24F0-4AD7-8CE9-C75DD61612D2} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5491424 2021-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {6AAB2ABA-5067-433C-B358-B15DB919E7F8} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4648160 2021-01-24] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df2e2187-a078-4784-a3bf-6fb742189837
Task: {81C72E17-01F9-402F-A9DA-9EA65F41D783} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [18144 2020-02-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {9E1A6831-8B8E-43CB-B6BD-6CB79FE857CD} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\sensord.exe [254176 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {A58872EC-F761-4894-8ACE-2FB94CC9E7AF} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [15792 2019-02-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {BDB5C631-0FCA-40D5-B19C-578A028286CD} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {CFE24438-54B8-43F7-B7B0-C8204E08FDE8} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [233184 2020-10-16] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {EE3D005B-A587-4B34-968B-4FD0F83C2DA2} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
Task: {F58F2464-91F8-4FFC-B09F-D3B11F4A2AB4} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\thermald.exe [387808 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {FE80DFE9-FDB9-422E-BCB3-2050641C9150} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d425a2fe-1aa1-4b2a-84a4-5f965c9a6349}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\absen\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-04]

FireFox:
========
FF DefaultProfile: ykb1veku.default
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\ykb1veku.default [2021-01-30]
FF ProfilePath: C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release [2021-02-04]
FF Homepage: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> hxxps://web.whatsapp.com
FF Extension: (Stylish - Custom themes for any website) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2020-08-02]
FF Extension: (Dark Theme for Facebook™) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{a2ededde-8633-4305-92f0-46676a0784a3}.xpi [2020-08-02]
FF Extension: (HTML5 Video Player) - C:\Users\absen\AppData\Roaming\Mozilla\Firefox\Profiles\3p7qohr9.default-release\Extensions\{b9601b48-2ef5-4384-b831-565b4d08a5b4}.xpi [2020-12-31]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default [2021-01-30]
CHR Extension: (Prezentace) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-15]
CHR Extension: (Dokumenty) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-15]
CHR Extension: (Disk Google) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-15]
CHR Extension: (YouTube) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-15]
CHR Extension: (Adobe Acrobat) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-15]
CHR Extension: (Tabulky) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\absen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12968552 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-24] (Avast Software s.r.o. -> AVAST Software)
S4 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144608 2020-11-05] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-12-31] (NVIDIA Corporation -> NVIDIA)
S4 gadjservice; C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe [17920 2015-06-25] () [File not signed]
S4 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
S4 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [128736 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S4 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [125664 2020-11-03] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bc81681eb27bc1ae\RtkAudUService64.exe [1223224 2021-01-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12834584 2021-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-09] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-01-24] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-28] (Intel Corporation -> Intel Corporation)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-04 18:03 - 2021-02-04 18:03 - 000000000 ___HD C:\$AV_ASW
2021-02-04 16:17 - 2021-02-04 16:17 - 000000000 ____D C:\ProgramData\HP
2021-02-04 16:17 - 2020-09-18 05:20 - 007326528 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64.dll
2021-02-04 16:17 - 2020-09-18 05:20 - 005129536 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2021-02-04 16:17 - 2020-09-18 05:20 - 001328960 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2021-02-04 16:17 - 2020-09-18 05:20 - 000963392 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2021-02-04 16:17 - 2020-09-18 05:20 - 000665408 _____ (HP Inc., LP) C:\WINDOWS\system32\HPWia2Drv.dll
2021-02-04 16:17 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml
2021-02-04 16:17 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml
2021-02-03 11:12 - 2021-02-03 11:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-03 11:12 - 2021-02-03 11:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-03 11:12 - 2021-02-03 11:12 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-03 11:12 - 2021-02-03 11:12 - 000010908 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-03 11:11 - 2021-02-03 11:11 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-01 14:53 - 2021-02-01 14:54 - 000249224 _____ C:\Users\absen\Downloads\A200311_VEN_004_DANE_2019_VELKY_43.XLSX
2021-01-30 18:34 - 2021-01-30 18:36 - 000000000 ____D C:\AdwCleaner
2021-01-30 15:39 - 2021-02-04 18:06 - 000000000 ____D C:\FRST
2021-01-30 14:00 - 2021-02-04 00:21 - 000000000 ____D C:\Users\absen\AppData\Roaming\TeamViewer
2021-01-30 14:00 - 2021-02-04 00:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:22 - 000000000 ____D C:\Users\absen\AppData\Local\TeamViewer
2021-01-30 14:00 - 2021-01-30 14:00 - 029349096 _____ (TeamViewer Germany GmbH) C:\Users\absen\Downloads\TeamViewer_Setup.exe
2021-01-30 14:00 - 2021-01-30 14:00 - 000001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-01-30 14:00 - 2021-01-30 14:00 - 000001100 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2021-01-25 00:08 - 2021-01-25 00:08 - 000000000 ____D C:\Users\absen\OneDrive\Dokumenty\temp
2021-01-25 00:07 - 2021-02-01 15:23 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\Users\Public\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000002206 _____ C:\ProgramData\Desktop\RGBFusion 2.0.lnk
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AORUS
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\Patriot
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files\ENE
2021-01-25 00:04 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\ENE
2021-01-25 00:04 - 2020-05-12 01:28 - 000020992 _____ C:\WINDOWS\system32\Drivers\ene.sys
2021-01-25 00:01 - 2021-01-26 12:16 - 000002660 _____ C:\WINDOWS\system32\Tasks\GraphicsCardEngine
2021-01-25 00:01 - 2021-01-26 10:51 - 000002676 _____ C:\WINDOWS\system32\Tasks\EasyTune 1
2021-01-25 00:01 - 2021-01-26 10:51 - 000002576 _____ C:\WINDOWS\system32\Tasks\EasyTune
2021-01-25 00:01 - 2021-01-26 10:51 - 000002566 _____ C:\WINDOWS\system32\Tasks\SIV-VGA
2021-01-25 00:01 - 2021-01-26 10:51 - 000002560 _____ C:\WINDOWS\system32\Tasks\SIV
2021-01-25 00:01 - 2021-01-25 00:02 - 000000000 ____D C:\Program Files\GIGABYTE
2021-01-25 00:01 - 2013-10-28 10:02 - 000022240 _____ C:\WINDOWS\system32\Drivers\AppleCharger.sys
2021-01-25 00:01 - 2013-10-24 17:29 - 000022240 _____ C:\WINDOWS\system32\Drivers\UsbCharger.sys
2021-01-25 00:01 - 2010-04-06 16:30 - 000031272 _____ C:\WINDOWS\system32\AppleChargerSrv.exe
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Users\absen\AppData\Roaming\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation
2021-01-25 00:00 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Common Files\Intel
2021-01-24 23:59 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ___HD C:\Program Files (x86)\Temp
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Users\absen\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\ProgramData\Intel
2021-01-24 23:59 - 2021-01-24 23:59 - 000000000 ____D C:\Program Files (x86)\Realtek
2021-01-24 23:59 - 2020-01-15 14:02 - 038215254 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-01-24 23:59 - 2019-12-19 08:07 - 002877104 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2021-01-24 23:58 - 2021-01-25 00:00 - 000000000 ____D C:\Program Files\Intel
2021-01-24 23:57 - 2021-01-25 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2021-01-24 23:56 - 2021-01-24 23:56 - 000032600 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2021-01-24 23:54 - 2021-01-26 12:16 - 000002624 _____ C:\WINDOWS\system32\Tasks\LiquidSensord
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Users\absen\AppData\Local\Downloaded Installations
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-24 23:54 - 2021-01-25 00:04 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2021-01-24 23:54 - 2021-01-24 23:54 - 000000000 ____D C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1
2021-01-24 23:54 - 2015-06-02 10:50 - 000005120 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\acpimof_ocpanel.dll
2021-01-24 23:53 - 2021-01-24 23:53 - 054106693 _____ C:\Users\absen\Downloads\mb_utility_app_center_B20.0506.1.zip
2021-01-24 23:40 - 2021-01-24 23:40 - 002738087 _____ C:\Users\absen\Downloads\mb_driver_chipset_intel_10.1.18243.8188.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 034998662 _____ C:\Users\absen\Downloads\mb_driver_audio_realtek_8703.zip
2021-01-24 23:39 - 2021-01-24 23:39 - 005655597 _____ C:\Users\absen\Downloads\mb_bios_ga-b250m-ds3h_f9.zip
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-01-24 23:30 - 2021-01-24 23:30 - 000000000 ____D C:\Program Files (x86)\FinalWire
2021-01-24 23:14 - 2020-12-31 15:03 - 000069608 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-01-24 23:14 - 2020-12-31 15:03 - 000058344 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-01-24 23:08 - 2021-01-24 23:08 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2021-01-24 23:08 - 2021-01-24 23:08 - 000002271 _____ C:\ProgramData\Desktop\Avast Driver Updater.lnk
2021-01-24 23:05 - 2021-01-24 23:05 - 001093336 _____ (Avast Software) C:\Users\absen\Downloads\avast_driver_updater_online_setup.exe
2021-01-20 21:26 - 2021-01-20 21:26 - 000057648 _____ C:\Users\absen\Downloads\A200115_VEN_028_DANE_2019_MALY_1.XLSX
2021-01-20 12:07 - 2021-01-20 12:08 - 000294291 _____ C:\Users\absen\Downloads\IF_5405_26.pdf
2021-01-20 12:02 - 2021-01-20 12:02 - 000057379 _____ C:\Users\absen\Downloads\A210113_VEN_004_DANE_2020_MALY1.XLSX
2021-01-13 01:40 - 2021-01-13 01:40 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-13 01:40 - 2021-01-13 01:40 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-13 01:40 - 2021-01-13 01:40 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-13 01:40 - 2021-01-13 01:40 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-13 01:40 - 2021-01-13 01:40 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-13 01:40 - 2021-01-13 01:40 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-13 01:39 - 2021-01-13 01:39 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-13 01:39 - 2021-01-13 01:39 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-13 01:39 - 2021-01-13 01:39 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-13 01:39 - 2021-01-13 01:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-13 01:38 - 2021-01-13 01:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-13 01:38 - 2021-01-13 01:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-13 01:38 - 2021-01-13 01:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-13 01:38 - 2021-01-13 01:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-13 01:38 - 2021-01-13 01:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 15:31 - 2021-01-30 13:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-09 15:31 - 2021-01-09 15:31 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:31 - 2021-01-09 15:31 - 000002185 _____ C:\ProgramData\Desktop\Avast Cleanup Premium.lnk
2021-01-09 15:30 - 2021-01-09 15:30 - 001093304 _____ (Avast Software) C:\Users\absen\Downloads\avast_cleanup_online_setup.exe
2021-01-09 15:30 - 2021-01-04 14:52 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-04 18:05 - 2020-08-02 14:04 - 000000000 ____D C:\Users\absen\AppData\LocalLow\Mozilla
2021-02-04 18:05 - 2020-08-02 14:04 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-04 18:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-04 16:42 - 2020-08-02 13:53 - 000000000 ____D C:\Users\absen\AppData\Local\PlaceholderTileLogoFolder
2021-02-04 16:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-04 16:19 - 2020-08-02 13:48 - 000000000 ____D C:\Users\absen\AppData\Local\Packages
2021-02-04 15:02 - 2020-09-16 17:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-04 13:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-04 13:34 - 2020-08-02 17:26 - 000000000 ____D C:\ProgramData\Packages
2021-02-04 13:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-04 13:28 - 2020-08-02 14:15 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-04 13:28 - 2020-08-02 14:15 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-04 13:28 - 2020-08-02 14:14 - 000000000 ____D C:\Users\absen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-04 13:28 - 2020-08-02 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-02-04 13:28 - 2020-08-02 14:14 - 000000000 ____D C:\Program Files\WinRAR
2021-02-03 11:29 - 2020-08-02 14:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-03 11:25 - 2020-09-16 17:30 - 001609024 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-03 11:25 - 2019-12-07 15:43 - 000683272 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-03 11:25 - 2019-12-07 15:43 - 000137586 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-03 11:19 - 2020-09-16 17:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-03 11:19 - 2020-09-16 17:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-03 11:19 - 2020-08-02 13:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-03 11:19 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-03 11:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-03 11:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-03 11:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-01 18:26 - 2020-10-15 10:25 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-30 19:44 - 2020-09-16 17:26 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1975070713-3845745136-328932001-1001
2021-01-30 19:44 - 2020-09-16 17:16 - 000002361 _____ C:\Users\absen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-30 19:44 - 2020-08-02 13:50 - 000000000 ___RD C:\Users\absen\OneDrive
2021-01-30 13:49 - 2020-08-02 14:04 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-30 09:53 - 2020-10-15 10:25 - 000002206 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-30 09:51 - 2020-08-15 21:38 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-01-26 10:51 - 2020-09-16 17:26 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-26 10:51 - 2020-09-16 17:26 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-26 10:51 - 2020-08-02 17:05 - 000000000 ____D C:\Users\absen\AppData\Local\CrashDumps
2021-01-24 23:59 - 2020-09-16 17:16 - 000000000 ____D C:\Users\absen
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-01-24 23:14 - 2020-08-02 13:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-01-24 23:08 - 2020-09-16 17:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-24 23:08 - 2020-08-02 16:11 - 000000000 ____D C:\Program Files\Avast Software
2021-01-24 23:08 - 2020-08-02 14:51 - 000000000 ____D C:\Users\absen\AppData\Roaming\Avast Software
2021-01-24 13:22 - 2020-08-02 17:43 - 000000000 ____D C:\Users\absen\AppData\Local\Adobe
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-17 10:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-13 02:06 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-13 02:06 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-13 01:38 - 2020-09-16 17:26 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-13 01:33 - 2020-08-02 15:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 01:32 - 2020-08-02 15:50 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-11 08:42 - 2020-08-02 14:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-09 15:32 - 2020-09-16 17:26 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-01-09 15:32 - 2020-09-15 22:23 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-09 15:32 - 2020-08-02 14:40 - 000000000 ____D C:\Users\absen\AppData\Roaming\uTorrent
2021-01-09 15:30 - 2020-08-02 15:35 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-01-09 15:25 - 2020-09-16 17:26 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-09 15:22 - 2020-12-18 20:44 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-09 15:22 - 2020-08-02 16:11 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-09 15:22 - 2020-08-02 16:11 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-08 03:21 - 2019-11-20 04:00 - 001147352 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2021-01-05 00:16 - 2020-08-02 15:21 - 000000000 ____D C:\Users\absen\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2020-08-16 14:54 - 2020-08-16 14:54 - 000000000 _____ () C:\Users\absen\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by absender (04-02-2021 18:07:27)
Running from C:\Users\absen\OneDrive\Desktop
Windows 10 Pro Version 20H2 19042.789 (X64) (2020-09-16 16:27:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

absender (S-1-5-21-1975070713-3845745136-328932001-1001 - Administrator - Enabled) => C:\Users\absen
Administrator (S-1-5-21-1975070713-3845745136-328932001-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1975070713-3845745136-328932001-503 - Limited - Disabled)
Guest (S-1-5-21-1975070713-3845745136-328932001-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1975070713-3845745136-328932001-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.20.0518.1 - GIGABYTE)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Active@ Partition Recovery Ultimate 15 (HKLM\...\{E39DC614-0CB1-41E3-8457-87D58DF29029}_is1) (Version: 15 - LSoft Technologies Inc)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20041 - Adobe Systems Incorporated)
AIDA64 Extreme v6.32 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.32 - FinalWire Ltd.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.20.00803.1 - GIGABYTE)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 20.1.9481.1346 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 20.2.1042.2978 - Avast Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.20.1030.1 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.20.1105.1 - GIGABYTE)
ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 3.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
Fast Boot (HKLM-x32\...\{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE) Hidden
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.20.0420.1 - GIGABYTE)
Game Boost (HKLM-x32\...\{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte) Hidden
Game Boost (HKLM-x32\...\InstallShield_{644B5310-D2AA-42A8-9F3B-7B92C856C8D7}) (Version: 1.00.0006 - Gigabyte)
GigabyteFirmwareUpdateUtility (HKLM-x32\...\{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE) Hidden
GigabyteFirmwareUpdateUtility (HKLM-x32\...\InstallShield_{1CBA99CE-1AB3-4366-AFB4-7F7B75EBBE35}) (Version: 1.20.0406.1 - GIGABYTE)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1975070713-3845745136-328932001-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 85.0 (x64 cs) (HKLM\...\Mozilla Firefox 85.0 (x64 cs)) (Version: 85.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.09 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B15.0709.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Ovládací panel NVIDIA 461.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.09 - NVIDIA Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8881.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.20.1015.1 - GIGABYTE)
SIV (HKLM-x32\...\{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE) Hidden
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.20.1105.1 - GIGABYTE)
Smart Backup (x64) (HKLM-x32\...\{BC1FA5CF-A36F-4C61-9638-09D0B431B006}) (Version: 3.18.0911.1 - GIGABYTE)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.3 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.2.830.0_x64__v10z8vjag6ke6 [2021-02-04] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-08-02] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-01-25] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0 [2021-01-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-12-18] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-08-05 19:50 - 2019-08-05 19:50 - 000009216 _____ () [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\Phison.dll
2020-03-05 23:11 - 2020-03-05 23:11 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-04-15 16:24 - 2019-04-15 16:24 - 000155648 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\yccV2.DLL
2021-01-25 00:02 - 2013-03-08 11:28 - 000187392 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\RescuePlan.dll
2021-01-25 00:02 - 2014-09-15 16:52 - 000705536 _____ (Gigabyte Technology CO., LTD.) [File not signed] C:\Program Files\Gigabyte\Smart Backup\srpCore.dll
2020-07-08 10:49 - 2020-07-08 10:49 - 000474624 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GVDisplay.dll
2018-09-11 19:53 - 2018-09-11 19:53 - 000237056 _____ (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvIllumLib.dll
2020-08-04 06:02 - 2020-08-04 06:02 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACPCIeSSD_Lib.dll
2020-08-04 06:02 - 2020-08-04 06:02 - 002057728 _____ (GIGABYTE) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\AACSSD_Lib.dll
2017-10-05 15:26 - 2017-10-05 15:26 - 002247168 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\CRtive.dll
2018-12-08 08:22 - 2018-12-08 08:22 - 002059264 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GHidApi.dll
2020-10-12 10:47 - 2020-10-12 10:47 - 000486912 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\GvLedLib.dll
2020-10-06 10:47 - 2020-10-06 10:47 - 002107392 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\GIGABYTE\RGBFusion\SMBCtrl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Smart Backup - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2021-01-30 19:43 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1975070713-3845745136-328932001-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\absen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D0FC4857-01EA-4F85-ACCF-3F7BB7596950}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3EB1886-6DA5-46F1-AF82-E065A4532F50}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{650C6E36-EEC5-4144-9DE8-24D6776C3CE9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{9604BE7E-99F6-43BA-96C7-2B4ABE5186EB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{10632098-5C61-4388-A376-E484AB7FB380}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{EE2B15BD-BB1A-4AFC-8B71-EA9FF04C007A}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{1F814002-E2AF-41E4-8E90-CBD6C666BCEE}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{FF046793-038F-4E29-8F50-CAA3878B766F}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{06C53832-A07A-4844-A228-3B6D250C16B0}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{5559C675-8382-4F4C-A212-3AE6775A3BC5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{196D6A50-C2AD-4313-B21B-390B96B422AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{607FEFB5-271C-4DCB-9BD5-C3F4B96E7901}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87C4CA69-1F15-45C1-A924-088B20DDA7E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F96455BA-FB41-4175-A53F-B07010796BE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AD99580-927E-4FE3-AC8D-328ABABB6B00}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DD8E987D-26BA-49F6-8205-82C1791CDBC2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3474238D-0977-4202-BF62-82309AB76D54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{795C2288-837B-464A-AE78-E3D3A272702C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6EA7A791-A40D-41DA-8D34-E2A0FCE1FC43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04293312-474C-4B34-B862-D46FDC9BFA4E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CD9381AE-44C3-4E0D-AF95-D5B13A7A2409}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F48473EA-3C00-4892-90CB-2776F477D671}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{81D6B86A-4206-4FB4-98B9-E9D5739B6AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.151.382.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8AE2542E-6B44-46D4-B14E-BC9A64CD60D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{35DF1A6A-DCC0-4767-9451-E5C6C09093FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61673F63-0016-4851-B10D-6D54D1DB0DF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8199B76F-E8CF-42D0-9CFA-540ED87C6143}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

25-01-2021 00:26:56 Avast Driver Updater - Update 2 Device(s)
01-02-2021 14:43:22 Avast Driver Updater - Update 4 Device(s)
03-02-2021 11:08:12 Instalační služba modulů systému Windows
03-02-2021 11:18:24 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/01/2021 03:23:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, identifikátor PID: 4604, identifikátor PID ProfSvc: 1396.

Error: (01/30/2021 07:44:18 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, identifikátor PID: 4144, identifikátor PID ProfSvc: 1460.

Error: (01/30/2021 07:43:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/30/2021 07:43:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {e6c24d13-f460-4391-af9c-e4d3d98fc1be}

Error: (01/30/2021 09:59:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etinit.exe, verze: 8.0.0.10, časové razítko: 0x5c6e5df7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0xd4c
Čas spuštění chybující aplikace: 0x01d6f3c68010ed01
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2b2267a3-5783-4525-ae2b-fe900d1602c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: etocfile.exe, verze: 8.0.0.16, časové razítko: 0x5e4663a1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.746, časové razítko: 0x197b16c5
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a842
ID chybujícího procesu: 0x27f0
Čas spuštění chybující aplikace: 0x01d6f3c6800a6cc0
Cesta k chybující aplikaci: C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3b508876-7aa2-4ce6-a64f-5833d2360ee9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/26/2021 10:34:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: etinit.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileLoadException
na etinit.Program.Main(System.String[])


System errors:
=============
Error: (02/03/2021 11:16:27 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/01/2021 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/01/2021 08:07:28 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-L1E66R6)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/30/2021 07:43:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (01/30/2021 07:43:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/30/2021 07:43:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TeamViewer byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error: (01/30/2021 07:43:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/30/2021 06:36:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2021-02-04 18:03:33.2040000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-04 16:39:23.9050000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:39:23.7780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:39:23.7270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:39:16.4530000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:39:16.1330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:25:17.7880000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-04 16:25:16.7540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 29%
Total physical RAM: 16344.08 MB
Available physical RAM: 11565.2 MB
Total Virtual: 18776.08 MB
Available Virtual: 12102.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.87 GB) (Free:179.48 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:929.19 GB) NTFS

\\?\Volume{c9995cf1-9ee5-4cfd-a40f-fd59eac485dd}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{ab6c7d13-5fb0-4c46-9987-9d6b51296447}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: please, please check my log

#13 Post by Diallix »

Copy the content below into Notepad:

Code:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> hxxps://web.whatsapp.com

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
---
Low-level and high-level programmer - profile card here: card <<
---
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

matti.sin
Visitor
Posts: 41
Joined: 16 Mar 2018 23:27

Re: please, please check my log

#14 Post by matti.sin »

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by absender (05-02-2021 13:18:54) Run:2
Running from C:\Users\absen\OneDrive\Desktop
Loaded Profiles: absender
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Homepage: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\3p7qohr9.default-release -> hxxps://web.whatsapp.com

EmptyTemp:



*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"Firefox homepage" => removed successfully
"FF Notifications:" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11759850 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 46204583 B
Edge => 0 B
Chrome => 0 B
Firefox => 1082787931 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27204 B
NetworkService => 27204 B
absen => 95851534 B

RecycleBin => 2655628 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End 2 Fixlog 13:19:02 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: please, please check my log

#15 Post by Diallix »

Are the notifications still popping up?

Locked