PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

#1 Post by kemgura07 »

PC is slow to load..
Logfile of random's system information tool 1.10 (written by random/random)
Run by Kengura at 2021-02-11 13:32:35
Microsoft Windows 10 Pro
System drive C: has 428 GB (87%) free of 494 GB
Total RAM: 3839 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:32:41, on 11.02.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Kengura.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [PowerDVD20Agent] "C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CyberlinkPowerPlayerMediaServer] C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_57a46 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Avast Driver Updater (DriverUpdSvc) - AVAST Software - C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\88.0.4324.150\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9405 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-27f705cf-84b8-47e4-95b0-7a0bacd1b24c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-56ef133c-ad5f-4d12-9667-845e4a276743 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c0eaf628-95a6-411e-90b9-29f53ad68fd2 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e3a3b108-4892-4b8d-ba2b-3e54e3b902d3 -LifetimeId:e0e5eea2-9ea8-48f7-a823-ba99a7519812 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\WINDOWS\system32\amdfendrsr.exe

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p

C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
"C:\Program Files\Avast Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation

"C:\Program Files\Avast Software\Avast\afwServ.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc

"C:\Program Files\Avast Software\Avast\aswEngSrv.exe" /pipename="78C22C8D-659C-120E-3E1A-BD56BE14FD36" /binpath="C:\Program Files\Avast Software\Avast"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s NetSetupSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.127.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:4612 CREDAT:9730 APH:1000000000000004 JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
AvastUI.exe /nogui
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=5308,8331625725604989362,9521112801252250434,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Kengura\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Kengura\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=9684 /prefetch:2
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=5308,8331625725604989362,9521112801252250434,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Kengura\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --log-file="C:\Users\Kengura\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=5952 /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager

"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\AUDIODG.EXE 0x5a4
"C:\Users\Kengura\Pictures\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK

=========Mozilla firefox=========

ProfilePath - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15 222088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15 156560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-07-18 1744672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Avast Software\Avast\AvLaunch.exe [2020-12-20 117352]
"PowerDVD20Agent"=C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe [2020-03-20 534848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-01-06 32440376]
"CyberlinkPowerPlayerMediaServer"=C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe [2020-03-20 5446976]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PowerDVD20Agent"=C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe [2020-03-20 534848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"PromptOnSecureDesktop"=0
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave6"=wdmaud.drv

======File associations======

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.inf - install -
.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\WINDOWS\System32\WScript.exe" "%1" %*
.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

======List of files/folders created in the last 1 month======

2021-02-11 13:32:35 ----D---- C:\rsit
2021-02-11 13:23:28 ----D---- C:\WINDOWS\AppReadiness
2021-02-11 13:23:22 ----D---- C:\WINDOWS\Panther
2021-02-07 18:09:55 ----D---- C:\AdwCleaner
2021-02-07 13:28:00 ----D---- C:\Program Files (x86)\NSIS Uninstall Information
2021-02-07 13:26:26 ----D---- C:\Program Files\CyberLink
2021-02-07 13:25:40 ----D---- C:\ProgramData\install_backup
2021-02-05 19:28:40 ----D---- C:\ProgramData\Informer Technologies, Inc
2021-02-05 19:28:25 ----D---- C:\Users\Kengura\AppData\Roaming\Software Informer
2021-01-30 16:33:19 ----D---- C:\Program Files\Zoner
2021-01-30 11:58:29 ----D---- C:\Program Files (x86)\WinTools Software
2021-01-28 19:17:48 ----D---- C:\WINDOWS\system32\catroot2
2021-01-28 19:09:46 ----D---- C:\WINDOWS\SoftwareDistribution
2021-01-28 13:07:58 ----D---- C:\Users\Kengura\AppData\Roaming\TeamViewer
2021-01-22 17:35:06 ----D---- C:\Program Files\Calibre2
2021-01-21 19:50:49 ----D---- C:\Users\Kengura\AppData\Roaming\calibre
2021-01-20 17:33:43 ----SHD---- C:\$RECYCLE.BIN
2021-01-20 17:31:24 ----A---- C:\WINDOWS\zoek-delete.exe
2021-01-20 17:31:23 ----D---- C:\WINDOWS\Temp
2021-01-19 14:07:09 ----A---- C:\WINDOWS\system32\aswBoot.exe
2021-01-13 14:08:11 ----A---- C:\WINDOWS\system32\drivers\aswTap.sys
2021-01-13 12:26:45 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-01-13 12:26:44 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2021-02-11 13:32:42 ----D---- C:\ProgramData\NVIDIA
2021-02-11 13:32:38 ----D---- C:\Program Files\trend micro
2021-02-11 13:25:42 ----D---- C:\Windows
2021-02-11 13:25:27 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-02-11 13:25:22 ----D---- C:\Program Files\CCleaner
2021-02-11 13:24:29 ----D---- C:\WINDOWS\Prefetch
2021-02-11 13:23:06 ----ASH---- C:\DumpStack.log.tmp
2021-02-11 13:22:17 ----D---- C:\WINDOWS\system32\sru
2021-02-11 13:21:00 ----D---- C:\WINDOWS\INF
2021-02-11 13:09:00 ----D---- C:\WINDOWS\system32\SleepStudy
2021-02-11 12:48:36 ----D---- C:\WINDOWS\Logs
2021-02-11 12:09:34 ----D---- C:\WINDOWS\system32\config
2021-02-11 11:08:29 ----D---- C:\ProgramData\Mozilla
2021-02-11 11:07:50 ----D---- C:\ProgramData\Avast Software
2021-02-10 19:50:08 ----D---- C:\FFOutput
2021-02-10 19:45:07 ----RD---- C:\WINDOWS\Microsoft.NET
2021-02-10 15:30:12 ----D---- C:\Program Files\Mozilla Firefox
2021-02-10 12:55:05 ----D---- C:\WINDOWS\system32\Tasks
2021-02-10 10:42:48 ----RD---- C:\Program Files (x86)
2021-02-09 15:01:45 ----D---- C:\Program Files
2021-02-09 13:17:46 ----D---- C:\WINDOWS\WinSxS
2021-02-09 12:49:04 ----SHD---- C:\System Volume Information
2021-02-07 14:57:30 ----D---- C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-07 13:30:10 ----HD---- C:\ProgramData
2021-02-07 13:29:48 ----D---- C:\ProgramData\CLSK
2021-02-07 13:29:22 ----D---- C:\WINDOWS\system32\drivers\CLFCL5.20
2021-02-07 13:29:20 ----D---- C:\WINDOWS\system32\DriverStore
2021-02-07 13:28:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2021-02-07 11:48:11 ----D---- C:\WINDOWS\system32\drivers
2021-02-06 17:37:47 ----D---- C:\Program Files\Avast Software
2021-02-06 15:51:13 ----HD---- C:\Program Files\WindowsApps
2021-02-06 12:48:42 ----D---- C:\ProgramData\install_clap
2021-02-06 12:47:09 ----HD---- C:\ProgramData\CyberLink
2021-02-05 19:56:36 ----SHD---- C:\WINDOWS\Installer
2021-02-05 15:32:35 ----RSD---- C:\WINDOWS\assembly
2021-02-03 13:10:38 ----D---- C:\ProgramData\Microsoft Help
2021-01-31 11:54:19 ----D---- C:\WINDOWS\system32\NDF
2021-01-30 21:22:24 ----RSD---- C:\WINDOWS\Fonts
2021-01-30 19:46:29 ----D---- C:\Users\Kengura\AppData\Roaming\WinTools
2021-01-28 19:17:48 ----D---- C:\WINDOWS\System32
2021-01-28 18:19:11 ----D---- C:\WINDOWS\system32\Catroot2.old
2021-01-28 18:05:51 ----D---- C:\WINDOWS\SoftwareDistribution.old
2021-01-27 20:16:35 ----D---- C:\WINDOWS\pss
2021-01-27 20:04:00 ----D---- C:\WINDOWS\Tasks
2021-01-22 18:27:20 ----D---- C:\ProgramData\Malwarebytes
2021-01-22 16:02:45 ----D---- C:\WINDOWS\LiveKernelReports
2021-01-21 14:03:18 ----D---- C:\Program Files (x86)\Microsoft
2021-01-20 16:16:59 ----D---- C:\WINDOWS\system32\drivers\etc
2021-01-20 16:12:01 ----D---- C:\WINDOWS\SysWOW64
2021-01-19 23:01:40 ----D---- C:\WINDOWS\SYSWOW64\wbem
2021-01-19 23:01:39 ----SD---- C:\WINDOWS\system32\Nui
2021-01-19 23:01:39 ----RSD---- C:\WINDOWS\Media
2021-01-19 23:01:39 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-01-19 23:01:39 ----D---- C:\WINDOWS\SYSWOW64\Keywords
2021-01-19 23:01:39 ----D---- C:\WINDOWS\SYSWOW64\Dism
2021-01-19 23:01:39 ----D---- C:\WINDOWS\SystemResources
2021-01-19 23:01:39 ----D---- C:\WINDOWS\system32\wbem
2021-01-19 23:01:39 ----D---- C:\WINDOWS\system32\oobe
2021-01-19 23:01:39 ----D---- C:\WINDOWS\system32\icsxml
2021-01-19 23:01:39 ----D---- C:\WINDOWS\system32\Dism
2021-01-19 23:01:39 ----D---- C:\WINDOWS\system32\DDFs
2021-01-19 23:01:39 ----D---- C:\WINDOWS\ShellExperiences
2021-01-19 23:01:39 ----D---- C:\WINDOWS\Provisioning
2021-01-19 23:01:39 ----D---- C:\WINDOWS\L2Schemas
2021-01-19 23:01:39 ----D---- C:\WINDOWS\DiagTrack
2021-01-19 23:01:39 ----D---- C:\Program Files (x86)\Internet Explorer
2021-01-19 23:01:35 ----D---- C:\WINDOWS\SYSWOW64\ras
2021-01-19 23:01:34 ----SD---- C:\WINDOWS\SYSWOW64\F12
2021-01-19 23:01:34 ----SD---- C:\WINDOWS\system32\UNP
2021-01-19 23:01:34 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 23:01:34 ----D---- C:\WINDOWS\system32\ras
2021-01-19 23:01:33 ----D---- C:\WINDOWS\system32\MSDRM
2021-01-19 23:01:33 ----D---- C:\WINDOWS\Cursors
2021-01-19 23:01:33 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-19 22:52:56 ----D---- C:\WINDOWS\registration
2021-01-19 14:55:39 ----D---- C:\Program Files (x86)\FormatFactory
2021-01-19 14:07:09 ----HD---- C:\WINDOWS\ELAMBKUP
2021-01-17 15:06:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-14 14:56:57 ----D---- C:\WINDOWS\debug
2021-01-13 14:40:04 ----D---- C:\Users\Kengura\AppData\Roaming\Avast Software
2021-01-13 14:07:58 ----D---- C:\Program Files\Common Files\Avast Software
2021-01-13 12:21:07 ----D---- C:\WINDOWS\system32\MRT
2021-01-13 12:12:36 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2020-12-20 247888]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2020-12-20 97360]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-12-20 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2020-12-20 84496]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2021-01-07 324904]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-09-12 293176]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-09-12 41984]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2020-12-20 208672]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2020-12-20 332880]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2020-12-20 42424]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2020-12-20 176384]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2020-12-20 522480]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2020-12-20 108928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2020-12-20 851256]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2021-01-08 468888]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2018-09-04 141512]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2018-09-04 109864]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2018-09-11 152688]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2017-06-07 138296]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2021-01-07 214808]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-12-01 149320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-12-09 491520]
R2 CLFCL5.20;@oem7.inf,%ServiceName%;CyberLink FCL Service 5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [2020-03-20 46952]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-08 53248]
R3 amdfendr;@oem18.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\system32\DRIVERS\amdfendr.sys [2020-06-11 70576]
R3 AMDXE;@oem17.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation; C:\WINDOWS\System32\drivers\amdxe.sys [2020-06-04 61032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-18 4496600]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-12 322376]
R3 NVHDA;@oem10.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-11-14 12905016]
R3 NvModuleTracker;@oem20.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\drivers\NvModuleTracker.sys [2020-03-04 50592]
R3 nvvad_WaveExtensible;@oem12.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2020-03-06 69840]
R3 nvvhci;@oem21.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@oem2.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-01-23 888064]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-09-04 15872]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2018-09-04 188824]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-08 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2019-12-07 138272]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-12-07 174608]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2019-12-07 154936]
S3 aswTap;@oem22.inf,%DeviceDescription%;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys [2021-01-13 53904]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-12-01 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-12 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-12-01 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-12-01 1554944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-12-01 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-12-01 95048]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-08 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys []
S3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys []
S3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys []
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-09-12 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2020-12-01 213504]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-13 104760]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2020-06-11 486320]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [2020-12-20 621728]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\Avast Software\Avast\afwServ.exe [2021-01-13 1230608]
R2 avast! Tools;Avast Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [2020-12-20 351848]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [2020-12-20 58048]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CDPUserSvc_57a46;Connected Devices Platform User Service_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_57a46;Sync Host_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [2020-12-20 8477080]
R3 cbdhsvc_57a46;Clipboard User Service_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-12-01 988064]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S2 DriverUpdSvc;Avast Driver Updater; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [2021-01-13 5986528]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-17 155592]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-10-17 874472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc_57a46;Agent Activation Runtime_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService_57a46;GameDVR and Broadcast User Service_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService_57a46;Bluetooth User Support Service_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService_57a46;CaptureService_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc_57a46;ConsentUX_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-08 385240]
S3 CredentialEnrollmentManagerUserSvc_57a46;CredentialEnrollmentManagerUserSvc_57a46; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-08 385240]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DeviceAssociationBrokerSvc_57a46;DeviceAssociationBroker_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc_57a46;DevicePicker_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc_57a46;DevicesFlow_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-09-12 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2020-10-19 287720]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\88.0.4324.150\elevation_service.exe [2021-02-04 1434224]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-12-17 155592]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService_57a46;MessagingService_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2020-09-12 105984]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PimIndexMaintenanceSvc_57a46;Contact Data_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc_57a46;PrintWorkflow_57a46; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-09-12 756552]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button (Prehladaj teraz) and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button (Vycistit Teraz) in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#3 Post by kemgura07 »

Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-12-2021
# Duration: 00:00:49
# OS: Windows 10 Pro
# Scanned: 31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#4 Post by Diallix »

The log is not complete.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Request for a preventive check

#5 Post by kemgura07 »

# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-13-2021
# Duration: 00:00:51
# OS: Windows 10 Pro
# Scanned: 31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Request for a preventive check

#6 Post by Diallix »

Good.

Scan the computer with FRST - instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, and copy the FRST.log + Addition log here.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Request for a preventive check

#7 Post by kemgura07 »

If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{adf0c0f2-0c58-455c-a3d5-cd2ef4d4bb55}: [DhcpNameServer] 212.96.160.6 212.96.161.7

Edge:
=======
DownloadDir: C:\Users\Kengura\Downloads
Edge DefaultProfile: Default
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jmsljlgl.default
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default [2021-02-12]
FF Homepage: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:newtab
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default\Extensions\@contain-facebook.xpi [2020-09-23]
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 [2021-02-12]
FF Homepage: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://forum24.os.tc; hxxps://aukro.cz; hxxps://www.reflex.cz
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\Extensions\@contain-facebook.xpi [2020-11-11]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default [2021-02-12]
CHR StartupUrls: Default -> "hxxps://www.centrum.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91082G91461&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Dokumenty) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-20]
CHR Extension: (Disk Google) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-20]
CHR Extension: (YouTube) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-12]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-12]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Kengura\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1230608 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
S2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-01-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2020-03-20] (CyberLink Corp. -> CyberLink Corp.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes Corporation -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 19:36 - 2021-02-12 19:37 - 000009830 _____ C:\Users\Kengura\Desktop\FRST.txt
2021-02-12 19:35 - 2021-02-12 19:35 - 000000000 ____D C:\Users\Kengura\Desktop\FRST-OlderVersion
2021-02-12 19:34 - 2021-02-12 19:36 - 000000000 ____D C:\FRST
2021-02-12 18:35 - 2021-02-12 18:35 - 003671513 _____ C:\Users\Kengura\Downloads\Přichází dodavatel vakcín .mp4
2021-02-12 12:34 - 2021-02-12 12:34 - 000002076 _____ C:\ProgramData\Desktop\CyberLink PowerDVD 20.lnk
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 20
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-02-12 12:32 - 2021-02-12 12:32 - 000000000 ____D C:\ProgramData\install_backup
2021-02-11 17:43 - 2021-02-11 17:43 - 000001140 _____ C:\Users\Kengura\Desktop\Format Factory.lnk
2021-02-11 17:43 - 2021-02-11 17:43 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2021-02-11 17:32 - 2021-02-11 17:39 - 000000000 ____D C:\Users\Kengura\Downloads\FormatFactory2021_02_11
2021-02-11 17:00 - 2021-02-11 17:00 - 001142338 _____ C:\Users\Kengura\Downloads\VID-20210103-WA0003.mp4
2021-02-11 14:49 - 2021-02-12 19:35 - 002297344 _____ (Farbar) C:\Users\Kengura\Desktop\FRST64.exe
2021-02-11 13:32 - 2021-02-11 13:32 - 000000000 ____D C:\rsit
2021-02-11 13:23 - 2021-02-11 13:23 - 000000000 ____D C:\WINDOWS\Panther
2021-02-11 11:40 - 2021-02-11 16:58 - 005287241 _____ C:\Users\Kengura\Downloads\radost.mp4
2021-02-10 12:55 - 2021-02-10 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-09 15:43 - 2021-02-09 15:43 - 000000110 ____H C:\Users\Kengura\Downloads\120824076_2711413509116044_9168557092328109456_o.jpg.uid-zps
2021-02-09 15:39 - 2021-02-09 15:39 - 000000110 ____H C:\Users\Kengura\Downloads\121419726_2715390862051642_1922455239914236170_o.jpg.uid-zps
2021-02-09 15:21 - 2021-02-09 15:21 - 000000110 ____H C:\Users\Kengura\Downloads\121494762_2715390858718309_1526678300369370339_o.jpg.uid-zps
2021-02-09 15:19 - 2021-02-09 15:19 - 000000110 ____H C:\Users\Kengura\Downloads\126854433_2752993254958069_7662203413404071461_o.jpg.uid-zps
2021-02-09 15:17 - 2021-02-09 15:17 - 000000110 ____H C:\Users\Kengura\Downloads\133579261_2779044829019578_7110965461662077724_o.jpg.uid-zps
2021-02-09 15:14 - 2021-02-09 15:14 - 000000110 ____H C:\Users\Kengura\Downloads\135249760_2783333205257407_1496598418690007038_o.jpg.uid-zps
2021-02-09 15:13 - 2021-02-09 15:13 - 000000110 ____H C:\Users\Kengura\Downloads\137588650_2789757167948344_1990776809383200596_o.jpg.uid-zps
2021-02-09 15:10 - 2021-02-09 15:10 - 000000110 ____H C:\Users\Kengura\Downloads\147572269_2810271319230262_3713081136388808338_o.jpg.uid-zps
2021-02-09 15:08 - 2021-02-09 15:08 - 000000110 ____H C:\Users\Kengura\Downloads\148628694_2810271065896954_8026989339141434546_o.jpg.uid-zps
2021-02-09 15:05 - 2021-02-09 15:05 - 000000110 ____H C:\Users\Kengura\Downloads\120818811_2711413462449382_1354154157831541484_o.jpg.uid-zps
2021-02-07 18:09 - 2021-02-07 18:11 - 000000000 ____D C:\AdwCleaner
2021-02-07 13:26 - 2021-02-12 12:50 - 000000000 ____D C:\Program Files\CyberLink
2021-02-05 19:28 - 2021-02-05 19:38 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Software Informer
2021-02-05 19:28 - 2021-02-05 19:28 - 000000000 ____D C:\ProgramData\Informer Technologies, Inc
2021-02-02 18:05 - 2021-02-02 07:01 - 000072484 ____N C:\Users\Kengura\Downloads\Roční vyúčtování k pojistné smlouvě č 7182366191 .pdf
2021-02-02 18:05 - 2021-02-02 07:01 - 000052504 ____N C:\Users\Kengura\Downloads\Informace k platbě Vašeho pojištění č 7182366191.pdf
2021-01-30 16:33 - 2021-01-30 16:33 - 000001887 _____ C:\ProgramData\Desktop\Zoner Photo Studio 16 x64.lnk
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\Program Files\Zoner
2021-01-30 11:58 - 2021-01-30 19:42 - 000000000 ____D C:\Program Files (x86)\WinTools Software
2021-01-30 11:58 - 2021-01-30 11:58 - 000001381 _____ C:\ProgramData\Desktop\WinTools.net Premium.lnk
2021-01-30 11:58 - 2021-01-30 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium
2021-01-28 13:08 - 2021-01-28 17:56 - 000000000 ____D C:\Users\Kengura\AppData\Local\TeamViewer
2021-01-28 13:07 - 2021-01-28 13:08 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\TeamViewer
2021-01-23 21:13 - 2021-01-23 21:13 - 003791862 _____ C:\Users\Kengura\Downloads\Ivrit-min-hahatchala-1-74.pdf
2021-01-22 17:35 - 2021-01-23 12:09 - 000000959 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\Program Files\Calibre2
2021-01-22 16:21 - 2021-01-22 16:21 - 000000000 ____D C:\Users\Kengura\AppData\Local\cache
2021-01-21 19:50 - 2021-01-23 12:39 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\calibre
2021-01-21 18:44 - 2021-01-21 18:44 - 008457584 _____ (Malwarebytes) C:\Users\Kengura\Desktop\adwcleaner_8.0.9.1.exe
2021-01-21 14:29 - 2021-02-11 19:10 - 000000000 ____D C:\Users\Kengura\AppData\Local\D3DSCache
2021-01-20 19:43 - 2021-01-20 19:43 - 000000000 ____D C:\Users\Kengura\AppData\Local\FTMod
2021-01-20 19:14 - 2021-01-20 19:14 - 000000000 ____D C:\Users\Kengura\AppData\Local\PeerDistRepub
2021-01-20 17:31 - 2021-01-20 16:11 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-19 14:07 - 2020-12-20 12:03 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-13 14:40 - 2021-01-13 14:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-01-13 14:08 - 2021-01-13 14:08 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2021-01-13 13:57 - 2021-01-19 14:08 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-01-13 13:57 - 2021-01-19 14:08 - 000002036 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 19:38 - 2020-08-28 14:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-12 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-12 19:27 - 2020-08-28 20:11 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-02-12 19:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-12 19:19 - 2020-11-12 12:22 - 000000000 ____D C:\Program Files\CCleaner
2021-02-12 19:17 - 2020-08-28 14:48 - 000000000 ____D C:\Users\Kengura\AppData\LocalLow\Mozilla
2021-02-12 19:13 - 2020-08-28 14:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-12 17:50 - 2020-08-28 20:01 - 000000000 ____D C:\Program Files\WinRAR
2021-02-12 17:39 - 2020-09-12 13:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-12 17:39 - 2020-09-12 13:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-12 17:16 - 2020-09-02 18:30 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-12 17:16 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 17:13 - 2020-09-13 14:07 - 000000000 ____D C:\FFOutput
2021-02-12 15:55 - 2020-09-01 16:09 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-12 15:47 - 2020-09-12 13:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-12 12:35 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\CLSK
2021-02-12 12:34 - 2020-09-12 12:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.20
2021-02-12 12:34 - 2020-08-29 10:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-12 12:27 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\install_clap
2021-02-12 12:26 - 2020-09-01 15:06 - 000000000 ___HD C:\ProgramData\CyberLink
2021-02-12 12:23 - 2020-12-17 17:50 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:23 - 2020-12-17 17:50 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:36 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-12 12:23 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-02-12 12:23 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-02-12 12:23 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-02-12 12:23 - 2020-11-14 18:11 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-12 12:23 - 2020-11-12 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-12 12:23 - 2020-11-05 18:01 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-11 17:43 - 2020-09-13 13:43 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2021-02-11 13:32 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
2021-02-10 15:30 - 2020-10-28 20:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 12:54 - 2020-08-28 14:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 12:49 - 2020-08-29 10:13 - 000000000 ____D C:\Users\Kengura\AppData\Local\CrashDumps
2021-02-10 11:03 - 2020-12-17 17:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-10 11:03 - 2020-12-17 17:50 - 000002166 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-07 16:43 - 2020-12-20 12:04 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-06 17:50 - 2020-08-28 14:09 - 000000000 ____D C:\Users\Kengura\AppData\Local\Packages
2021-02-06 17:37 - 2020-12-20 12:03 - 000000000 ____D C:\Program Files\Avast Software
2021-02-06 15:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-05 15:34 - 2020-08-28 15:55 - 000000000 ____D C:\Users\Kengura\Knihovna Calibre
2021-02-03 12:59 - 2020-11-02 21:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-01-31 21:10 - 2020-09-12 12:13 - 000000000 ____D C:\Users\Kengura
2021-01-31 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-31 11:40 - 2020-12-15 18:15 - 000355752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-30 19:46 - 2021-01-01 22:02 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\WinTools
2021-01-28 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2021-01-28 18:05 - 2020-08-28 14:03 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2021-01-28 12:25 - 2020-09-03 18:27 - 000000000 ____D C:\Users\Kengura\AppData\Local\NVIDIA Corporation
2021-01-27 20:16 - 2020-12-17 10:30 - 000000000 ____D C:\WINDOWS\pss
2021-01-27 20:04 - 2020-12-15 18:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-01-22 18:27 - 2020-11-13 17:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-19 23:01 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Cursors
2021-01-19 22:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-01-19 14:07 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-17 15:06 - 2020-08-28 14:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-13 14:40 - 2020-12-20 12:06 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Avast Software
2021-01-13 14:07 - 2020-12-20 12:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-01-13 12:21 - 2020-09-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 12:12 - 2020-09-01 15:02 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-01-07 17:05 - 2021-01-07 17:05 - 000000017 _____ () C:\Users\Kengura\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by Kengura (12-02-2021 19:38:57)
Running from C:\Users\Kengura\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-09-12 12:33:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3670144830-1670747954-2962517199-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3670144830-1670747954-2962517199-503 - Limited - Disabled)
Guest (S-1-5-21-3670144830-1670747954-2962517199-501 - Limited - Disabled)
Kengura (S-1-5-21-3670144830-1670747954-2962517199-1002 - Administrator - Enabled) => C:\Users\Kengura
WDAGUtilityAccount (S-1-5-21-3670144830-1670747954-2962517199-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
calibre 64bit (HKLM\...\{6AE87DB6-FB23-4B5C-A57D-74E294A29228}) (Version: 5.10.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
centrum.cz (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\27688f8a7e4ac8b4a98e5fb3d179aca5) (Version: 1.0 - centrum.cz)
CyberLink PowerDVD 20 (HKLM-x32\...\{E5B8E5C5-4C42-407B-A2BC-BAC724D1F43F}) (Version: 20.0.1519.62 - CyberLink Corp.)
Excel (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FormatFactory 5.6.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.6.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Outlook (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
PowerPoint (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
TiMoC (HKLM-x32\...\TiMoC1.1) (Version: 1.1 - Oblivion CZ team)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinTools.net Premium version 20.7 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 20.7 - WinTools Software Engineering, Ltd.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
PDF Viewer and Reader -> C:\Program Files\WindowsApps\22450.PDFViewerandReader_1.3.2.0_x64__0aqw1zw0x2snt [2021-01-19] (韵华软件) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-09-12 13:17 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2021-01-20 16:16 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Control Panel\Desktop\\Wallpaper -> E:\Foto\Pozadí plochy.bmp
DNS Servers: 212.96.160.6 - 212.96.161.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PowerDVD20Agent"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C3070C3-6238-4ECE-85C2-372C00BEAB7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D9F6756-0DFA-4B22-9146-2EE5434841F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1F7BFEEC-0436-47F7-B9D1-F19AA88F4388}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97BCBBC4-2075-4B99-AB4E-4FD106FD6F1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3887C08-37A5-46B1-9430-25C843EB2D7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{140A41F6-B602-44EF-8FAB-0E64D3A96CED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85B926F-E03D-4D90-B2A3-9E164EA2AAE8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{05E3D3B1-BC59-4A49-BE1A-1AB248ACD9A3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{722FF6B0-04DF-40D1-A782-4E53E97A8477}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{028CE70F-5D23-4E6C-8CA1-BD4A5E6D088C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DEB7742-6118-41AD-A80B-A834116128E0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AB84F71-02E7-4474-B9B8-94E839BFA7EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA4A3C49-38D3-4CC7-85DF-B548486260A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDB18E74-377B-481B-9EDC-21DE62C1841A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72BE112C-76E4-42B0-876B-47D34DE0835D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACAB3B1D-6607-44F9-A3C8-A6E095CF720C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA1EB3D6-A9F4-47EB-82EB-ADE8D3E2E5A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4E12168-5488-43CA-8517-3ACBAF9AD30C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBE2BAD3-C5C8-4C63-948D-78BBE7EAFB46}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{9CACF243-3600-491E-9AE8-C20D94527D5C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{616D17AF-E40A-40EB-A6FD-2542891D3245}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5188F5E-07F8-433C-9DFD-B9C1A44885DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C4578A91-8E63-4EF2-9900-1EB24A06229E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AED6DEE-6757-4C50-BC8B-6020A4B4710C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9085EEB5-8762-490A-9A64-0C77E1BCB66B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{ED0172D2-8590-4E16-BB79-7BA770012652}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{33371334-535E-4F72-9C85-693FE36F2697}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{DA62B04C-914B-4A8A-BEE5-1C4C83BCF0DF}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D83B7CA5-B6E5-4BB7-95DB-8DCDF15A0E49}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\ShareModule32\Kernel\DMS\CLMSServerPDVD20.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{D1A28C25-AFFE-4D75-BA71-5A41D3FB167F}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{909E8704-F6C6-42A0-9828-B0BCCE275DD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9211387F-92BD-45E9-8C56-41DB24506577}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{092D6786-3DD2-405C-AD7B-BFBAAF631BE4}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{86EFF522-8CF7-4BA2-A278-A6DEB3E5D769}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C8FCC4B4-AE8B-471F-970A-4BE84ADD6ADA}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{4B6A49CF-B3A3-4749-BDA5-04610901343E}] => (Allow) LPort=31300

==================== Restore Points =========================

05-02-2021 17:44:12 Windows Modules Installer
06-02-2021 16:01:23 Windows Modules Installer
09-02-2021 11:47:18 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/12/2021 05:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d7015dca5090cb
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 68df8dbc-a85e-4561-8993-e8afff3e2c8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x1c8c
Čas spuštění chybující aplikace: 0x01d7015dbe072200
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 748ca0fc-8d1c-4d0a-aea4-486ca5853da7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x1ac8
Čas spuštění chybující aplikace: 0x01d7015db4cc94b2
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0188f2fb-0ed5-42f6-99ba-69de7fb8e196
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xe74
Čas spuštění chybující aplikace: 0x01d7015da8e775fa
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 7be3f3fb-8635-4411-a93e-2d4834bd07af
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 01:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x65c
Čas spuštění chybující aplikace: 0x01d7013aed5a3fa7
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 85677ccc-645a-4fd6-aad0-196df1d86925
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:11:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x91c
Čas spuštění chybující aplikace: 0x01d7012fcb9fbd64
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 2041bbae-4869-478f-8bc0-22af20981bd4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x21b0
Čas spuštění chybující aplikace: 0x01d7012fc251f7fd
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 188c5426-0816-433a-ad96-f34ddca50681
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:10:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xd6c
Čas spuštění chybující aplikace: 0x01d7012fb2cbb6fe
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: f35928ca-d6bc-4ca8-a364-7380584ada72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/12/2021 07:41:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 8000 milisekund: Restart the service.

Error: (02/12/2021 07:41:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:41:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (02/12/2021 07:41:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:40:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 8000 milisekund: Restart the service.

Error: (02/12/2021 07:40:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:40:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (02/12/2021 07:40:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Windows Defender:
=================

Date: 2020-12-19 13:33:30.7770000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/DriverPack
ID: 234392
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_C:\Users\Kengura\Desktop\DriverPack-17-Online.exe
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.658.0, AS: 1.329.658.0, NIS: 1.329.658.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:07:35.9380000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/AskToolbar
ID: 227072
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\The_KMPlayer_1435.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.551.0, AS: 1.329.551.0, NIS: 1.329.551.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:01:45.7880000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/FusionCore
ID: 229442
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\FFSetup4.10.5.0.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: System
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.545.0, AS: 1.329.545.0, NIS: 1.329.545.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 13:17:10.0850000Z
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {FBC3A124-3EEA-4F95-BAB6-631EBE6250D7}
Typ prohledávání: Antimalware
Parametry prohledávání: Full Scan
Uživatel: DESKTOP-956HS9G\Kengura

Date: 2020-12-17 13:17:10.0780000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Crack
ID: 2147734096
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\steam_api.dll
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: User
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.537.0, AS: 1.329.537.0, NIS: 1.329.537.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-19 14:18:25.5600000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiSpyware
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2021-01-19 14:18:25.5570000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2020-12-17 10:36:25.1760000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Current
Kód chyby: 0x80070003
Popis chyby: The system cannot find the path specified.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2020-11-11 12:57:02.2150000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.323.46.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: �pln�
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17400.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2020-11-11 12:57:02.2120000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.323.46.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: �pln�
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17400.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.
CodeIntegrity:
=================

Date: 2021-02-12 18:12:58.6230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:12:46.8030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:41.9640000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:36.2860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:34.3550000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:48.1030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:46.8230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:46.2500000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.30 08/23/2013
Motherboard: ASRock 960GC-GS FX
Processor: AMD Athlon(tm) Dual Core Processor 4850e
Percentage of memory in use: 67%
Total physical RAM: 3839.23 MB
Available physical RAM: 1259.57 MB
Total Virtual: 7679.23 MB
Available Virtual: 4959.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:482.8 GB) (Free:415.37 GB) NTFS
Drive d: (PHILIPS UFD) (Removable) (Total:7.28 GB) (Free:0.44 GB) NTFS
Drive e: (Data) (Fixed) (Total:448.11 GB) (Free:172.25 GB) NTFS

\\?\Volume{0e265546-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{0e265546-0000-0000-0000-80b978000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0E265546)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=482.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)
Partition 4: (Not Active) - (Size=448.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 0E62F8E5)
Partition 1: (Not Active) - (Size=7.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Request for a preventive check

#8 Post by Diallix »

The logs are not complete

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#9 Post by kemgura07 »

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{adf0c0f2-0c58-455c-a3d5-cd2ef4d4bb55}: [DhcpNameServer] 212.96.160.6 212.96.161.7

Edge:
=======
DownloadDir: C:\Users\Kengura\Downloads
Edge DefaultProfile: Default
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jmsljlgl.default
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default [2021-02-12]
FF Homepage: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:newtab
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default\Extensions\@contain-facebook.xpi [2020-09-23]
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 [2021-02-12]
FF Homepage: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://forum24.os.tc; hxxps://aukro.cz; hxxps://www.reflex.cz
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\Extensions\@contain-facebook.xpi [2020-11-11]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default [2021-02-12]
CHR StartupUrls: Default -> "hxxps://www.centrum.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91082G91461&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Dokumenty) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-20]
CHR Extension: (Disk Google) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-20]
CHR Extension: (YouTube) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-12]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-12]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Kengura\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1230608 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
S2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-01-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2020-03-20] (CyberLink Corp. -> CyberLink Corp.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes Corporation -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 19:36 - 2021-02-12 19:37 - 000009830 _____ C:\Users\Kengura\Desktop\FRST.txt
2021-02-12 19:35 - 2021-02-12 19:35 - 000000000 ____D C:\Users\Kengura\Desktop\FRST-OlderVersion
2021-02-12 19:34 - 2021-02-12 19:36 - 000000000 ____D C:\FRST
2021-02-12 18:35 - 2021-02-12 18:35 - 003671513 _____ C:\Users\Kengura\Downloads\Přichází dodavatel vakcín .mp4
2021-02-12 12:34 - 2021-02-12 12:34 - 000002076 _____ C:\ProgramData\Desktop\CyberLink PowerDVD 20.lnk
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 20
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-02-12 12:32 - 2021-02-12 12:32 - 000000000 ____D C:\ProgramData\install_backup
2021-02-11 17:43 - 2021-02-11 17:43 - 000001140 _____ C:\Users\Kengura\Desktop\Format Factory.lnk
2021-02-11 17:43 - 2021-02-11 17:43 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2021-02-11 17:32 - 2021-02-11 17:39 - 000000000 ____D C:\Users\Kengura\Downloads\FormatFactory2021_02_11
2021-02-11 17:00 - 2021-02-11 17:00 - 001142338 _____ C:\Users\Kengura\Downloads\VID-20210103-WA0003.mp4
2021-02-11 14:49 - 2021-02-12 19:35 - 002297344 _____ (Farbar) C:\Users\Kengura\Desktop\FRST64.exe
2021-02-11 13:32 - 2021-02-11 13:32 - 000000000 ____D C:\rsit
2021-02-11 13:23 - 2021-02-11 13:23 - 000000000 ____D C:\WINDOWS\Panther
2021-02-11 11:40 - 2021-02-11 16:58 - 005287241 _____ C:\Users\Kengura\Downloads\radost.mp4
2021-02-10 12:55 - 2021-02-10 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-09 15:43 - 2021-02-09 15:43 - 000000110 ____H C:\Users\Kengura\Downloads\120824076_2711413509116044_9168557092328109456_o.jpg.uid-zps
2021-02-09 15:39 - 2021-02-09 15:39 - 000000110 ____H C:\Users\Kengura\Downloads\121419726_2715390862051642_1922455239914236170_o.jpg.uid-zps
2021-02-09 15:21 - 2021-02-09 15:21 - 000000110 ____H C:\Users\Kengura\Downloads\121494762_2715390858718309_1526678300369370339_o.jpg.uid-zps
2021-02-09 15:19 - 2021-02-09 15:19 - 000000110 ____H C:\Users\Kengura\Downloads\126854433_2752993254958069_7662203413404071461_o.jpg.uid-zps
2021-02-09 15:17 - 2021-02-09 15:17 - 000000110 ____H C:\Users\Kengura\Downloads\133579261_2779044829019578_7110965461662077724_o.jpg.uid-zps
2021-02-09 15:14 - 2021-02-09 15:14 - 000000110 ____H C:\Users\Kengura\Downloads\135249760_2783333205257407_1496598418690007038_o.jpg.uid-zps
2021-02-09 15:13 - 2021-02-09 15:13 - 000000110 ____H C:\Users\Kengura\Downloads\137588650_2789757167948344_1990776809383200596_o.jpg.uid-zps
2021-02-09 15:10 - 2021-02-09 15:10 - 000000110 ____H C:\Users\Kengura\Downloads\147572269_2810271319230262_3713081136388808338_o.jpg.uid-zps
2021-02-09 15:08 - 2021-02-09 15:08 - 000000110 ____H C:\Users\Kengura\Downloads\148628694_2810271065896954_8026989339141434546_o.jpg.uid-zps
2021-02-09 15:05 - 2021-02-09 15:05 - 000000110 ____H C:\Users\Kengura\Downloads\120818811_2711413462449382_1354154157831541484_o.jpg.uid-zps
2021-02-07 18:09 - 2021-02-07 18:11 - 000000000 ____D C:\AdwCleaner
2021-02-07 13:26 - 2021-02-12 12:50 - 000000000 ____D C:\Program Files\CyberLink
2021-02-05 19:28 - 2021-02-05 19:38 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Software Informer
2021-02-05 19:28 - 2021-02-05 19:28 - 000000000 ____D C:\ProgramData\Informer Technologies, Inc
2021-02-02 18:05 - 2021-02-02 07:01 - 000072484 ____N C:\Users\Kengura\Downloads\Roční vyúčtování k pojistné smlouvě č 7182366191 .pdf
2021-02-02 18:05 - 2021-02-02 07:01 - 000052504 ____N C:\Users\Kengura\Downloads\Informace k platbě Vašeho pojištění č 7182366191.pdf
2021-01-30 16:33 - 2021-01-30 16:33 - 000001887 _____ C:\ProgramData\Desktop\Zoner Photo Studio 16 x64.lnk
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\Program Files\Zoner
2021-01-30 11:58 - 2021-01-30 19:42 - 000000000 ____D C:\Program Files (x86)\WinTools Software
2021-01-30 11:58 - 2021-01-30 11:58 - 000001381 _____ C:\ProgramData\Desktop\WinTools.net Premium.lnk
2021-01-30 11:58 - 2021-01-30 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium
2021-01-28 13:08 - 2021-01-28 17:56 - 000000000 ____D C:\Users\Kengura\AppData\Local\TeamViewer
2021-01-28 13:07 - 2021-01-28 13:08 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\TeamViewer
2021-01-23 21:13 - 2021-01-23 21:13 - 003791862 _____ C:\Users\Kengura\Downloads\Ivrit-min-hahatchala-1-74.pdf
2021-01-22 17:35 - 2021-01-23 12:09 - 000000959 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\Program Files\Calibre2
2021-01-22 16:21 - 2021-01-22 16:21 - 000000000 ____D C:\Users\Kengura\AppData\Local\cache
2021-01-21 19:50 - 2021-01-23 12:39 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\calibre
2021-01-21 18:44 - 2021-01-21 18:44 - 008457584 _____ (Malwarebytes) C:\Users\Kengura\Desktop\adwcleaner_8.0.9.1.exe
2021-01-21 14:29 - 2021-02-11 19:10 - 000000000 ____D C:\Users\Kengura\AppData\Local\D3DSCache
2021-01-20 19:43 - 2021-01-20 19:43 - 000000000 ____D C:\Users\Kengura\AppData\Local\FTMod
2021-01-20 19:14 - 2021-01-20 19:14 - 000000000 ____D C:\Users\Kengura\AppData\Local\PeerDistRepub
2021-01-20 17:31 - 2021-01-20 16:11 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-19 14:07 - 2020-12-20 12:03 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-13 14:40 - 2021-01-13 14:40 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater.lnk
2021-01-13 14:08 - 2021-01-13 14:08 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2021-01-13 13:57 - 2021-01-19 14:08 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-01-13 13:57 - 2021-01-19 14:08 - 000002036 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-12 19:38 - 2020-08-28 14:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-12 19:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-12 19:27 - 2020-08-28 20:11 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-02-12 19:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-12 19:19 - 2020-11-12 12:22 - 000000000 ____D C:\Program Files\CCleaner
2021-02-12 19:17 - 2020-08-28 14:48 - 000000000 ____D C:\Users\Kengura\AppData\LocalLow\Mozilla
2021-02-12 19:13 - 2020-08-28 14:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-12 17:50 - 2020-08-28 20:01 - 000000000 ____D C:\Program Files\WinRAR
2021-02-12 17:39 - 2020-09-12 13:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-12 17:39 - 2020-09-12 13:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-12 17:16 - 2020-09-02 18:30 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-12 17:16 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 17:13 - 2020-09-13 14:07 - 000000000 ____D C:\FFOutput
2021-02-12 15:55 - 2020-09-01 16:09 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-12 15:47 - 2020-09-12 13:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-12 12:35 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\CLSK
2021-02-12 12:34 - 2020-09-12 12:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.20
2021-02-12 12:34 - 2020-08-29 10:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-12 12:27 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\install_clap
2021-02-12 12:26 - 2020-09-01 15:06 - 000000000 ___HD C:\ProgramData\CyberLink
2021-02-12 12:23 - 2020-12-17 17:50 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:23 - 2020-12-17 17:50 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:36 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-12 12:23 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-02-12 12:23 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-02-12 12:23 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-02-12 12:23 - 2020-11-14 18:11 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-12 12:23 - 2020-11-12 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-12 12:23 - 2020-11-05 18:01 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-11 17:43 - 2020-09-13 13:43 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2021-02-11 13:32 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
2021-02-10 15:30 - 2020-10-28 20:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 12:54 - 2020-08-28 14:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 12:49 - 2020-08-29 10:13 - 000000000 ____D C:\Users\Kengura\AppData\Local\CrashDumps
2021-02-10 11:03 - 2020-12-17 17:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-10 11:03 - 2020-12-17 17:50 - 000002166 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-07 16:43 - 2020-12-20 12:04 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-06 17:50 - 2020-08-28 14:09 - 000000000 ____D C:\Users\Kengura\AppData\Local\Packages
2021-02-06 17:37 - 2020-12-20 12:03 - 000000000 ____D C:\Program Files\Avast Software
2021-02-06 15:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-05 15:34 - 2020-08-28 15:55 - 000000000 ____D C:\Users\Kengura\Knihovna Calibre
2021-02-03 12:59 - 2020-11-02 21:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-01-31 21:10 - 2020-09-12 12:13 - 000000000 ____D C:\Users\Kengura
2021-01-31 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-31 11:40 - 2020-12-15 18:15 - 000355752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-30 19:46 - 2021-01-01 22:02 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\WinTools
2021-01-28 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2021-01-28 18:05 - 2020-08-28 14:03 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2021-01-28 12:25 - 2020-09-03 18:27 - 000000000 ____D C:\Users\Kengura\AppData\Local\NVIDIA Corporation
2021-01-27 20:16 - 2020-12-17 10:30 - 000000000 ____D C:\WINDOWS\pss
2021-01-27 20:04 - 2020-12-15 18:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-01-22 18:27 - 2020-11-13 17:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-19 23:01 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Cursors
2021-01-19 22:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-01-19 14:07 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-17 15:06 - 2020-08-28 14:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-13 14:40 - 2020-12-20 12:06 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Avast Software
2021-01-13 14:07 - 2020-12-20 12:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-01-13 12:21 - 2020-09-01 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-13 12:12 - 2020-09-01 15:02 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-01-07 17:05 - 2021-01-07 17:05 - 000000017 _____ () C:\Users\Kengura\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#10 Post by kemgura07 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2021
Ran by Kengura (12-02-2021 19:38:57)
Running from C:\Users\Kengura\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-09-12 12:33:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3670144830-1670747954-2962517199-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3670144830-1670747954-2962517199-503 - Limited - Disabled)
Guest (S-1-5-21-3670144830-1670747954-2962517199-501 - Limited - Disabled)
Kengura (S-1-5-21-3670144830-1670747954-2962517199-1002 - Administrator - Enabled) => C:\Users\Kengura
WDAGUtilityAccount (S-1-5-21-3670144830-1670747954-2962517199-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
calibre 64bit (HKLM\...\{6AE87DB6-FB23-4B5C-A57D-74E294A29228}) (Version: 5.10.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
centrum.cz (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\27688f8a7e4ac8b4a98e5fb3d179aca5) (Version: 1.0 - centrum.cz)
CyberLink PowerDVD 20 (HKLM-x32\...\{E5B8E5C5-4C42-407B-A2BC-BAC724D1F43F}) (Version: 20.0.1519.62 - CyberLink Corp.)
Excel (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FormatFactory 5.6.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.6.5.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Outlook (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
PowerPoint (HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
TiMoC (HKLM-x32\...\TiMoC1.1) (Version: 1.1 - Oblivion CZ team)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinTools.net Premium version 20.7 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 20.7 - WinTools Software Engineering, Ltd.)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation) [MS Ad]
PDF Viewer and Reader -> C:\Program Files\WindowsApps\22450.PDFViewerandReader_1.3.2.0_x64__0aqw1zw0x2snt [2021-01-19] (韵华软件) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-09-12 13:17 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3670144830-1670747954-2962517199-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2021-01-20 16:16 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Calibre2\
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Control Panel\Desktop\\Wallpaper -> E:\Foto\Pozadí plochy.bmp
DNS Servers: 212.96.160.6 - 212.96.161.7
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PowerDVD20Agent"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8C3070C3-6238-4ECE-85C2-372C00BEAB7F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D9F6756-0DFA-4B22-9146-2EE5434841F2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1F7BFEEC-0436-47F7-B9D1-F19AA88F4388}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97BCBBC4-2075-4B99-AB4E-4FD106FD6F1F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E3887C08-37A5-46B1-9430-25C843EB2D7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{140A41F6-B602-44EF-8FAB-0E64D3A96CED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F85B926F-E03D-4D90-B2A3-9E164EA2AAE8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{05E3D3B1-BC59-4A49-BE1A-1AB248ACD9A3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{722FF6B0-04DF-40D1-A782-4E53E97A8477}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{028CE70F-5D23-4E6C-8CA1-BD4A5E6D088C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DEB7742-6118-41AD-A80B-A834116128E0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6AB84F71-02E7-4474-B9B8-94E839BFA7EF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AA4A3C49-38D3-4CC7-85DF-B548486260A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDB18E74-377B-481B-9EDC-21DE62C1841A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{72BE112C-76E4-42B0-876B-47D34DE0835D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACAB3B1D-6607-44F9-A3C8-A6E095CF720C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA1EB3D6-A9F4-47EB-82EB-ADE8D3E2E5A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B4E12168-5488-43CA-8517-3ACBAF9AD30C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CBE2BAD3-C5C8-4C63-948D-78BBE7EAFB46}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{9CACF243-3600-491E-9AE8-C20D94527D5C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{616D17AF-E40A-40EB-A6FD-2542891D3245}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5188F5E-07F8-433C-9DFD-B9C1A44885DB}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C4578A91-8E63-4EF2-9900-1EB24A06229E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AED6DEE-6757-4C50-BC8B-6020A4B4710C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9085EEB5-8762-490A-9A64-0C77E1BCB66B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{ED0172D2-8590-4E16-BB79-7BA770012652}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{33371334-535E-4F72-9C85-693FE36F2697}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{DA62B04C-914B-4A8A-BEE5-1C4C83BCF0DF}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D83B7CA5-B6E5-4BB7-95DB-8DCDF15A0E49}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\ShareModule32\Kernel\DMS\CLMSServerPDVD20.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{D1A28C25-AFFE-4D75-BA71-5A41D3FB167F}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\PowerDVD20Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{909E8704-F6C6-42A0-9828-B0BCCE275DD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9211387F-92BD-45E9-8C56-41DB24506577}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{092D6786-3DD2-405C-AD7B-BFBAAF631BE4}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{86EFF522-8CF7-4BA2-A278-A6DEB3E5D769}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C8FCC4B4-AE8B-471F-970A-4BE84ADD6ADA}] => (Allow) C:\Program Files\CyberLink\PowerDVD20\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{4B6A49CF-B3A3-4749-BDA5-04610901343E}] => (Allow) LPort=31300

==================== Restore Points =========================

05-02-2021 17:44:12 Windows Modules Installer
06-02-2021 16:01:23 Windows Modules Installer
09-02-2021 11:47:18 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/12/2021 05:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xcf4
Čas spuštění chybující aplikace: 0x01d7015dca5090cb
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 68df8dbc-a85e-4561-8993-e8afff3e2c8a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x1c8c
Čas spuštění chybující aplikace: 0x01d7015dbe072200
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 748ca0fc-8d1c-4d0a-aea4-486ca5853da7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:40:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x1ac8
Čas spuštění chybující aplikace: 0x01d7015db4cc94b2
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0188f2fb-0ed5-42f6-99ba-69de7fb8e196
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 05:39:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xe74
Čas spuštění chybující aplikace: 0x01d7015da8e775fa
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 7be3f3fb-8635-4411-a93e-2d4834bd07af
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 01:31:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x65c
Čas spuštění chybující aplikace: 0x01d7013aed5a3fa7
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 85677ccc-645a-4fd6-aad0-196df1d86925
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:11:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x91c
Čas spuštění chybující aplikace: 0x01d7012fcb9fbd64
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 2041bbae-4869-478f-8bc0-22af20981bd4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:11:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0x21b0
Čas spuštění chybující aplikace: 0x01d7012fc251f7fd
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 188c5426-0816-433a-ad96-f34ddca50681
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/12/2021 12:10:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DriverUpdSvc.exe, verze: 20.2.1042.0, časové razítko: 0x5ff30f75
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xd6c
Čas spuštění chybující aplikace: 0x01d7012fb2cbb6fe
Cesta k chybující aplikaci: C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: f35928ca-d6bc-4ca8-a364-7380584ada72
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/12/2021 07:41:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 8000 milisekund: Restart the service.

Error: (02/12/2021 07:41:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:41:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (02/12/2021 07:41:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:40:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 8000 milisekund: Restart the service.

Error: (02/12/2021 07:40:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (02/12/2021 07:40:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restart the service.

Error: (02/12/2021 07:40:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Windows Defender:
=================

Date: 2020-12-19 13:33:30.7770000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/DriverPack
ID: 234392
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_C:\Users\Kengura\Desktop\DriverPack-17-Online.exe
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.658.0, AS: 1.329.658.0, NIS: 1.329.658.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:07:35.9380000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/AskToolbar
ID: 227072
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\The_KMPlayer_1435.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: Real-Time Protection
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.551.0, AS: 1.329.551.0, NIS: 1.329.551.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 16:01:45.7880000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/FusionCore
ID: 229442
Závažnost: Low
Kategorie: Potentially Unwanted Software
Cesta: file:_E:\Instal\FFSetup4.10.5.0.exe
Původ detekce: Local machine
Typ detekce: FastPath
Zdroj detekce: System
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.545.0, AS: 1.329.545.0, NIS: 1.329.545.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2020-12-17 13:17:10.0850000Z
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {FBC3A124-3EEA-4F95-BAB6-631EBE6250D7}
Typ prohledávání: Antimalware
Parametry prohledávání: Full Scan
Uživatel: DESKTOP-956HS9G\Kengura

Date: 2020-12-17 13:17:10.0780000Z
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Crack
ID: 2147734096
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files (x86)\Bethesda Softworks\The Elder Scrolls V Skyrim - Legendary Edition\steam_api.dll
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: User
Uživatel: DESKTOP-956HS9G\Kengura
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.537.0, AS: 1.329.537.0, NIS: 1.329.537.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-19 14:18:25.5600000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiSpyware
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2021-01-19 14:18:25.5570000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.329.2468.0
Předchozí verze bezpečnostních informací: 1.329.722.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.17700.4
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.

Date: 2020-12-17 10:36:25.1760000Z
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Current
Kód chyby: 0x80070003
Popis chyby: The system cannot find the path specified.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2020-11-11 12:57:02.2150000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.323.46.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: �pln�
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17400.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2020-11-11 12:57:02.2120000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.323.46.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: �pln�
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17400.5
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
=================

Date: 2021-02-12 18:12:58.6230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:12:46.8030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:41.9640000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:36.2860000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:10:34.3550000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:48.1030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:46.8230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-12 18:09:46.2500000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.30 08/23/2013
Motherboard: ASRock 960GC-GS FX
Processor: AMD Athlon(tm) Dual Core Processor 4850e
Percentage of memory in use: 67%
Total physical RAM: 3839.23 MB
Available physical RAM: 1259.57 MB
Total Virtual: 7679.23 MB
Available Virtual: 4959.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:482.8 GB) (Free:415.37 GB) NTFS
Drive d: (PHILIPS UFD) (Removable) (Total:7.28 GB) (Free:0.44 GB) NTFS
Drive e: (Data) (Fixed) (Total:448.11 GB) (Free:172.25 GB) NTFS

\\?\Volume{0e265546-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{0e265546-0000-0000-0000-80b978000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0E265546)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=482.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=512 MB) - (Type=27)
Partition 4: (Not Active) - (Size=448.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 7.3 GB) (Disk ID: 0E62F8E5)
Partition 1: (Not Active) - (Size=7.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#11 Post by Diallix »

Your FRST log starts at:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{adf0c0f2-0c58-455c-a3d5-cd2ef4d4bb55}: [DhcpNameServer] 212.96.160.6 212.96.161.7


The header, running processes, registry Run entries, etc. are missing.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#12 Post by kemgura07 »

Please delete...
Last edited by kemgura07 on 13 Feb 2021 18:46, edited 1 time in total.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#13 Post by kemgura07 »

Is this better?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-02-2021
Ran by Kengura (administrator) on DESKTOP-956HS9G (13-02-2021 16:44:52)
Running from C:\Users\Kengura\Desktop
Loaded Profiles: Kengura
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Angličtina (Spojené státy)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117352 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3670144830-1670747954-2962517199-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-10] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AB1CB44-CF77-4E14-9CEE-D4F7C0DAF7C0} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [5495432 2020-11-25] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {0FE89BA3-BB48-4272-8B25-905D6839265B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-17] (Google LLC -> Google LLC)
Task: {1062020D-A447-4943-AC93-F78B93C4813D} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {13E87BA6-1DE9-4020-94BB-0EE4A9BB4CD1} - \Outbyte\PC Repair\NewDeceptors -> No File <==== ATTENTION
Task: {158EFFAD-BDA6-40C0-81DA-9854795E0DF6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {16910791-F5F8-442E-AF43-C2023BBB51FA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {16B81076-F62A-4DAD-8D44-F083E8FDDC56} - System32\Tasks\AVG\AVG TuneUp Update BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid 7cd3833b-4e5f-4007-9271-c89586a97a1e
Task: {18EB57F9-C5E9-4863-887E-2222A27FA762} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B919A7F-5475-4A92-B092-AAF016E98FB2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {327F1CAA-2173-47F0-BE67-9AE03B2D915E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {397F86FA-B046-4318-B2FB-68E0C9C80BC7} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4648160 2021-01-13] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 9ca2fc92-710a-44ad-851f-fa0cd92eefdb
Task: {4147F182-6619-4204-A71A-83D78BEF1D8B} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe
Task: {5590148C-68C9-4C91-BC09-F6AB5213AB68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AB95BF8-3FCA-40FA-8111-C77716652810} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-17] (Google LLC -> Google LLC)
Task: {5DFF856F-1348-48CA-9679-653B9E774232} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6266C81F-134A-46FF-A38F-9A8BCF5E0FEA} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {710BB331-ECD8-4FBA-A71F-0868720C06C3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {783263B1-011F-4A28-A4D1-251005E8040E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A82DF83-C8A2-4598-9F1F-016061EBCB3D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94A87B7C-8DA0-4DD8-AE4A-C1BAB2895863} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {995BCE01-7ED6-4EE4-BAA7-7F73D2FE6028} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A910760-A685-4EBF-8C90-A373C6BADC2E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4621920 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {9D835467-DA8B-4384-A16E-F1D0E35AF77F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F58C2FD-64BC-4EEF-9333-11EC8A9768FB} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [5491424 2021-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {A32F19D6-96D7-4AF5-8D1C-A427091128C4} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe
Task: {A9A75290-B00C-4DC1-9BE2-5C5FA2064C0D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-12-20] (Avast Software s.r.o. -> Avast Software)
Task: {C75EAA2F-67AC-4636-B1F4-6EF70EE9B335} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CAF52BA6-1C64-45F7-8FD1-85715F4B4B7F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF9B0475-0849-44A4-BAB2-20F9597A119D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3670144830-1670747954-2962517199-500 => C:\Users\Kengura\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {D05A1EA8-6F2E-4E2E-BBB0-C87D09E247D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6D8724D-5187-4704-8972-BFD4C5B92324} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED44F595-27F6-4966-BC9F-307599FBD363} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {EFC04A37-ACCE-4688-B34D-11DCA3CB3A91} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.160.6 212.96.161.7
Tcpip\..\Interfaces\{adf0c0f2-0c58-455c-a3d5-cd2ef4d4bb55}: [DhcpNameServer] 212.96.160.6 212.96.161.7

Edge:
=======
DownloadDir: C:\Users\Kengura\Downloads
Edge DefaultProfile: Default
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: jmsljlgl.default
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default [2021-02-13]
FF Homepage: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:newtab
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\jmsljlgl.default\Extensions\@contain-facebook.xpi [2020-09-23]
FF ProfilePath: C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 [2021-02-13]
FF Homepage: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> hxxps://forum24.os.tc; hxxps://aukro.cz; hxxps://www.reflex.cz
FF Extension: (Facebook Container) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\Extensions\@contain-facebook.xpi [2020-11-11]
FF Extension: (Reset Search Defaults) - C:\Users\Kengura\AppData\Roaming\Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751\features\{ea9a6495-ed5e-4ee8-9d14-3d8f3e46a192}\reset-search-defaults@mozilla.com.xpi [2021-02-12]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default [2021-02-13]
CHR Notifications: Default -> hxxps://fastshare.cz; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.centrum.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91082G91461&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Dokumenty) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-20]
CHR Extension: (Disk Google) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-20]
CHR Extension: (YouTube) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-13]
CHR Profile: C:\Users\Kengura\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-13]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Kengura\AppData\Roaming\Opera Software\Opera Stable [2021-01-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8477080 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621728 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1230608 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [351848 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
S2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [5986528 2021-01-13] (Avast Software s.r.o. -> AVAST Software)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-01-13] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R2 CLFCL5.20; C:\WINDOWS\System32\drivers\CLFCL5.20\000.fcl [46952 2020-03-20] (CyberLink Corp. -> CyberLink Corp.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes Corporation -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-15] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-13 16:44 - 2021-02-13 16:47 - 000022544 _____ C:\Users\Kengura\Desktop\FRST.txt
2021-02-13 12:29 - 2021-02-13 12:30 - 000000000 ____D C:\AdwCleaner
2021-02-12 19:34 - 2021-02-13 16:46 - 000000000 ____D C:\FRST
2021-02-12 18:35 - 2021-02-12 18:35 - 003671513 _____ C:\Users\Kengura\Downloads\Přichází dodavatel vakcín .mp4
2021-02-12 12:34 - 2021-02-12 12:34 - 000002076 _____ C:\ProgramData\Desktop\CyberLink PowerDVD 20.lnk
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 20
2021-02-12 12:34 - 2021-02-12 12:34 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2021-02-12 12:32 - 2021-02-12 12:32 - 000000000 ____D C:\ProgramData\install_backup
2021-02-11 17:43 - 2021-02-11 17:43 - 000001140 _____ C:\Users\Kengura\Desktop\Format Factory.lnk
2021-02-11 17:43 - 2021-02-11 17:43 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2021-02-11 17:32 - 2021-02-11 17:39 - 000000000 ____D C:\Users\Kengura\Downloads\FormatFactory2021_02_11
2021-02-11 17:00 - 2021-02-11 17:00 - 001142338 _____ C:\Users\Kengura\Downloads\VID-20210103-WA0003.mp4
2021-02-11 14:49 - 2021-02-13 13:09 - 002297344 _____ (Farbar) C:\Users\Kengura\Desktop\FRST64.exe
2021-02-11 13:32 - 2021-02-11 13:32 - 000000000 ____D C:\rsit
2021-02-11 13:23 - 2021-02-11 13:23 - 000000000 ____D C:\WINDOWS\Panther
2021-02-11 11:40 - 2021-02-11 16:58 - 005287241 _____ C:\Users\Kengura\Downloads\radost.mp4
2021-02-10 12:55 - 2021-02-10 12:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-09 15:43 - 2021-02-09 15:43 - 000000110 ____H C:\Users\Kengura\Downloads\120824076_2711413509116044_9168557092328109456_o.jpg.uid-zps
2021-02-09 15:39 - 2021-02-09 15:39 - 000000110 ____H C:\Users\Kengura\Downloads\121419726_2715390862051642_1922455239914236170_o.jpg.uid-zps
2021-02-09 15:21 - 2021-02-09 15:21 - 000000110 ____H C:\Users\Kengura\Downloads\121494762_2715390858718309_1526678300369370339_o.jpg.uid-zps
2021-02-09 15:19 - 2021-02-09 15:19 - 000000110 ____H C:\Users\Kengura\Downloads\126854433_2752993254958069_7662203413404071461_o.jpg.uid-zps
2021-02-09 15:17 - 2021-02-09 15:17 - 000000110 ____H C:\Users\Kengura\Downloads\133579261_2779044829019578_7110965461662077724_o.jpg.uid-zps
2021-02-09 15:14 - 2021-02-09 15:14 - 000000110 ____H C:\Users\Kengura\Downloads\135249760_2783333205257407_1496598418690007038_o.jpg.uid-zps
2021-02-09 15:13 - 2021-02-09 15:13 - 000000110 ____H C:\Users\Kengura\Downloads\137588650_2789757167948344_1990776809383200596_o.jpg.uid-zps
2021-02-09 15:10 - 2021-02-09 15:10 - 000000110 ____H C:\Users\Kengura\Downloads\147572269_2810271319230262_3713081136388808338_o.jpg.uid-zps
2021-02-09 15:08 - 2021-02-09 15:08 - 000000110 ____H C:\Users\Kengura\Downloads\148628694_2810271065896954_8026989339141434546_o.jpg.uid-zps
2021-02-09 15:05 - 2021-02-09 15:05 - 000000110 ____H C:\Users\Kengura\Downloads\120818811_2711413462449382_1354154157831541484_o.jpg.uid-zps
2021-02-07 13:26 - 2021-02-12 12:50 - 000000000 ____D C:\Program Files\CyberLink
2021-02-05 19:28 - 2021-02-05 19:38 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\Software Informer
2021-02-05 19:28 - 2021-02-05 19:28 - 000000000 ____D C:\ProgramData\Informer Technologies, Inc
2021-02-02 18:05 - 2021-02-02 07:01 - 000072484 ____N C:\Users\Kengura\Downloads\Roční vyúčtování k pojistné smlouvě č 7182366191 .pdf
2021-02-02 18:05 - 2021-02-02 07:01 - 000052504 ____N C:\Users\Kengura\Downloads\Informace k platbě Vašeho pojištění č 7182366191.pdf
2021-01-30 16:33 - 2021-01-30 16:33 - 000001887 _____ C:\ProgramData\Desktop\Zoner Photo Studio 16 x64.lnk
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
2021-01-30 16:33 - 2021-01-30 16:33 - 000000000 ____D C:\Program Files\Zoner
2021-01-30 11:58 - 2021-01-30 19:42 - 000000000 ____D C:\Program Files (x86)\WinTools Software
2021-01-30 11:58 - 2021-01-30 11:58 - 000001381 _____ C:\ProgramData\Desktop\WinTools.net Premium.lnk
2021-01-30 11:58 - 2021-01-30 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinTools.net Premium
2021-01-28 13:08 - 2021-01-28 17:56 - 000000000 ____D C:\Users\Kengura\AppData\Local\TeamViewer
2021-01-28 13:07 - 2021-01-28 13:08 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\TeamViewer
2021-01-23 21:13 - 2021-01-23 21:13 - 003791862 _____ C:\Users\Kengura\Downloads\Ivrit-min-hahatchala-1-74.pdf
2021-01-22 17:35 - 2021-01-23 12:09 - 000000959 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-01-22 17:35 - 2021-01-23 12:09 - 000000000 ____D C:\Program Files\Calibre2
2021-01-22 16:21 - 2021-01-22 16:21 - 000000000 ____D C:\Users\Kengura\AppData\Local\cache
2021-01-21 19:50 - 2021-01-23 12:39 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\calibre
2021-01-21 18:44 - 2021-01-21 18:44 - 008457584 _____ (Malwarebytes) C:\Users\Kengura\Desktop\adwcleaner_8.0.9.1.exe
2021-01-21 14:29 - 2021-02-11 19:10 - 000000000 ____D C:\Users\Kengura\AppData\Local\D3DSCache
2021-01-20 19:43 - 2021-01-20 19:43 - 000000000 ____D C:\Users\Kengura\AppData\Local\FTMod
2021-01-20 19:14 - 2021-01-20 19:14 - 000000000 ____D C:\Users\Kengura\AppData\Local\PeerDistRepub
2021-01-20 17:31 - 2021-01-20 16:11 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-19 14:07 - 2020-12-20 12:03 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-13 16:49 - 2020-08-28 14:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-13 16:47 - 2020-08-28 14:48 - 000000000 ____D C:\Users\Kengura\AppData\LocalLow\Mozilla
2021-02-13 16:46 - 2020-08-28 14:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-13 16:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-13 15:40 - 2020-11-12 12:22 - 000000000 ____D C:\Program Files\CCleaner
2021-02-13 11:53 - 2020-09-12 13:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-13 11:43 - 2020-09-02 18:30 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-13 11:27 - 2020-09-12 13:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-13 11:27 - 2020-09-12 13:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-12 21:28 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-12 19:27 - 2020-08-28 20:11 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-02-12 19:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-12 17:50 - 2020-08-28 20:01 - 000000000 ____D C:\Program Files\WinRAR
2021-02-12 17:13 - 2020-09-13 14:07 - 000000000 ____D C:\FFOutput
2021-02-12 15:55 - 2020-09-01 16:09 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\CyberLink
2021-02-12 12:35 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\CLSK
2021-02-12 12:34 - 2020-09-12 12:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.20
2021-02-12 12:34 - 2020-08-29 10:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-12 12:27 - 2020-09-01 15:06 - 000000000 ____D C:\ProgramData\install_clap
2021-02-12 12:26 - 2020-09-01 15:06 - 000000000 ___HD C:\ProgramData\CyberLink
2021-02-12 12:23 - 2020-12-17 17:50 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-12 12:23 - 2020-12-17 17:50 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:36 - 000003250 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-02-12 12:23 - 2020-11-28 12:35 - 000003396 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineUA
2021-02-12 12:23 - 2020-11-28 12:35 - 000003172 _____ C:\WINDOWS\system32\Tasks\AVGUpdateTaskMachineCore
2021-02-12 12:23 - 2020-11-28 12:35 - 000003088 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2021-02-12 12:23 - 2020-11-28 12:35 - 000002606 _____ C:\WINDOWS\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2021-02-12 12:23 - 2020-11-14 18:11 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-12 12:23 - 2020-11-12 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-12 12:23 - 2020-11-05 18:01 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-11-05 18:00 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-12 12:23 - 2020-09-12 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-11 17:43 - 2020-09-13 13:43 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2021-02-11 13:32 - 2020-10-05 13:04 - 000000000 ____D C:\Program Files\trend micro
2021-02-10 15:30 - 2020-10-28 20:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-10 12:54 - 2020-08-28 14:47 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-10 12:49 - 2020-08-29 10:13 - 000000000 ____D C:\Users\Kengura\AppData\Local\CrashDumps
2021-02-10 11:03 - 2020-12-17 17:50 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-10 11:03 - 2020-12-17 17:50 - 000002166 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-07 16:43 - 2020-12-20 12:04 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-06 17:50 - 2020-08-28 14:09 - 000000000 ____D C:\Users\Kengura\AppData\Local\Packages
2021-02-06 17:37 - 2020-12-20 12:03 - 000000000 ____D C:\Program Files\Avast Software
2021-02-06 15:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-05 15:34 - 2020-08-28 15:55 - 000000000 ____D C:\Users\Kengura\Knihovna Calibre
2021-02-03 12:59 - 2020-11-02 21:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-01-31 21:10 - 2020-09-12 12:13 - 000000000 ____D C:\Users\Kengura
2021-01-31 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-31 11:40 - 2020-12-15 18:15 - 000355752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-30 19:46 - 2021-01-01 22:02 - 000000000 ____D C:\Users\Kengura\AppData\Roaming\WinTools
2021-01-28 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2021-01-28 18:05 - 2020-08-28 14:03 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2021-01-28 12:25 - 2020-09-03 18:27 - 000000000 ____D C:\Users\Kengura\AppData\Local\NVIDIA Corporation
2021-01-27 20:16 - 2020-12-17 10:30 - 000000000 ____D C:\WINDOWS\pss
2021-01-27 20:04 - 2020-12-15 18:16 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-01-22 18:27 - 2020-11-13 17:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 16:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-19 23:01 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ras
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-01-19 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Cursors
2021-01-19 22:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2021-01-19 14:08 - 2021-01-13 13:57 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2021-01-19 14:08 - 2021-01-13 13:57 - 000002036 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2021-01-19 14:07 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-17 15:06 - 2020-08-28 14:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories ========

2021-01-07 17:05 - 2021-01-07 17:05 - 000000017 _____ () C:\Users\Kengura\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a preventive check

#14 Post by Diallix »

Yes, that's it :]]

First of all, uninstall one antivirus.

Copy the contents below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0FE89BA3-BB48-4272-8B25-905D6839265B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-17] (Google LLC -> Google LLC)
Task: {13E87BA6-1DE9-4020-94BB-0EE4A9BB4CD1} - \Outbyte\PC Repair\NewDeceptors -> No File <==== ATTENTION
Task: {5AB95BF8-3FCA-40FA-8111-C77716652810} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-17] (Google LLC -> Google LLC)
FF Homepage: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\jmsljlgl.default -> about:newtab
FF NewTab: Mozilla\Firefox\Profiles\neqb5u83.default-release-1605118126751 -> about:newtab
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91082G91461&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMProtection; \SystemRoot\system32\DRIVERS\mbam.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [{4B6A49CF-B3A3-4749-BDA5-04610901343E}] => (Allow) LPort=31300
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run32: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run: => "PowerDVD20Agent"
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

kemgura07
Visitor
Posts: 43
Registered: 26 Nov 2019 22:56

Re: Requesting a preventive check

#15 Post by kemgura07 »

Which antivirus do you mean? I only have Avast...

Locked