
PC keeps loading something long after startup


#1 Post by mlzd »

Good day.
Please check this log. The PC keeps loading something for a long time after startup, and other activity on it slows down. Thank you, Zdenek.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by wow (administrator) on DESKTOP-89RL4UG (LENOVO 90F1001ECK) (17-05-2021 09:21:15)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(LITEON) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\igfxTray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [118496 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.93\Installer\chrmstp.exe [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0477F3B5-7BD9-4915-B799-5733351AD00A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {0B027715-E8F3-471C-8E12-38A46BB1B152} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {10624289-28C4-44D3-B739-B9A39B5D9DD8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {13A71560-E1FF-4F3C-9351-5C5CD38EA73B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {1F384BCA-F7BC-4900-8EC0-5EFF9A6E64A2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2235800 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {332BEADE-FA59-4DE0-A8AE-703E098EF9EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {3604CD51-66DB-41D2-BE66-177777A8D7EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {376BF646-AAB3-4006-BEF8-63BEFDC4FF3A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2235800 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {3CA42C64-BB1B-4A4F-910E-D797E5FEBC39} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5853D4A8-F101-4BD6-8222-1D11E87D930D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {682FA09C-6ECB-4EC5-AF92-A8247A922FD3} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {6910D012-B236-413F-91E3-E3E7F31B80B1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A263ED01-D78A-4D57-9923-E968C83B26C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A8440C5E-8D72-4D08-9A8C-9B1E29F496E5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {B2940D65-C518-40F4-A879-CE4A2C35D1B1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {B442D0A0-2348-426C-930B-F851EAE5F57B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {B91AAD48-B722-4AEC-94F6-A3D60CF2428F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {BFF500AA-A1F8-4461-8B39-991B0538D9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D32679CA-202F-495E-BDC5-25DA16392DDA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {D921ED68-211B-4E87-8CD1-D966195A8B45} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {E107EB7E-DA3E-477F-A8CA-600CAC5A6F71} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F033AC8C-01D9-4C7B-97AB-5C0504184217} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4699872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF DefaultProfile: py09br4x.default-1604058508666
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 [2021-05-17]
FF Homepage: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.pinterest.ca
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2021-05-16]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-22]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7894040 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [606944 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [356064 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.93\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522896 2021-05-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-14] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-17 09:21 - 2021-05-17 09:22 - 000022548 _____ C:\Users\wow\Desktop\FRST.txt
2021-05-17 09:19 - 2021-05-17 09:19 - 002299392 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2021-05-17 09:02 - 2021-05-17 09:02 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-14 09:51 - 2021-05-14 09:51 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 09:50 - 2021-05-14 09:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 09:50 - 2021-05-14 09:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 09:50 - 2021-05-14 09:50 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 09:49 - 2021-05-14 09:49 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 09:49 - 2021-05-14 09:49 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 09:49 - 2021-05-14 09:49 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-14 09:48 - 2021-05-14 09:48 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 09:48 - 2021-05-14 09:48 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 09:48 - 2021-05-14 09:48 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 09:47 - 2021-05-14 09:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 09:47 - 2021-05-14 09:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 08:31 - 2021-05-12 08:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-10 22:20 - 2021-05-10 22:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-08 08:17 - 2021-05-11 12:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-04 11:52 - 2021-05-04 11:52 - 000136191 _____ C:\Users\wow\Downloads\Vypis_z_uctu_0-165905043_z_20210430.pdf
2021-04-30 09:26 - 2021-04-30 09:26 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-30 09:26 - 2021-04-30 09:26 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-17 09:22 - 2020-10-14 12:47 - 000000000 ____D C:\FRST
2021-05-17 09:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-17 09:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-17 09:10 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-17 09:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-17 09:09 - 2018-05-19 08:46 - 000000000 ___HD C:\Users\wow\Documents\.tmp.drivedownload
2021-05-17 09:09 - 2017-05-04 19:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2021-05-17 09:08 - 2020-08-27 21:33 - 000716748 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-17 09:08 - 2020-08-27 21:33 - 000144946 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-17 09:08 - 2020-08-27 12:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-17 09:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-17 09:06 - 2019-10-03 10:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-17 09:06 - 2019-10-03 10:00 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-17 09:06 - 2017-05-03 22:34 - 000000000 ____D C:\Program Files\CCleaner
2021-05-17 09:04 - 2017-10-08 13:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2021-05-17 09:03 - 2017-05-04 22:08 - 000000000 ___RD C:\Users\wow\Disk Google
2021-05-17 09:01 - 2020-10-19 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-17 09:01 - 2020-08-27 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-17 09:01 - 2020-08-27 12:00 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-17 09:01 - 2017-05-04 09:35 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-17 09:01 - 2017-05-04 08:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2021-05-16 13:15 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-16 13:13 - 2021-03-06 17:14 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-05-16 13:13 - 2020-12-05 02:41 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-16 13:13 - 2020-12-05 02:41 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-16 13:13 - 2020-11-26 20:03 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-16 13:13 - 2020-08-27 12:22 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-16 13:13 - 2020-08-27 12:22 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2021-05-16 13:13 - 2020-08-27 12:22 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2021-05-16 13:13 - 2020-08-27 12:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-05-16 13:13 - 2020-08-27 12:22 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-16 11:38 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-05-16 11:30 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-16 11:01 - 2017-11-30 18:55 - 000000000 ____D C:\Users\wow\AppData\Local\Packages
2021-05-16 10:37 - 2020-08-27 12:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-14 10:16 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 10:12 - 2020-08-27 12:00 - 000470464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 10:08 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 10:07 - 2019-12-07 11:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 09:44 - 2020-10-13 23:51 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-14 09:44 - 2020-10-13 23:51 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-14 09:44 - 2020-02-16 11:30 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-14 09:44 - 2020-02-16 11:30 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-14 09:43 - 2020-02-16 11:30 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-14 09:28 - 2020-04-02 12:56 - 000522896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-13 11:05 - 2020-08-27 12:04 - 000002366 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 11:05 - 2017-05-04 08:42 - 000000000 ___RD C:\Users\wow\OneDrive
2021-05-13 10:59 - 2017-10-18 18:44 - 000001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2021-05-13 10:59 - 2017-10-18 18:44 - 000001006 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2021-05-13 10:59 - 2017-05-04 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-05-13 10:59 - 2017-05-04 20:54 - 000000000 ____D C:\Program Files\Calibre2
2021-05-13 09:23 - 2017-05-04 11:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 09:23 - 2017-05-04 11:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 09:23 - 2017-05-04 11:49 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-13 09:17 - 2017-05-04 11:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 09:13 - 2017-05-04 11:23 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 08:31 - 2021-04-07 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-11 13:01 - 2017-05-05 13:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-11 12:47 - 2017-05-04 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-10 22:20 - 2017-05-04 19:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002470 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-05-02 16:57 - 2021-01-24 15:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-30 09:26 - 2020-10-27 09:56 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-30 09:26 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-30 09:26 - 2019-01-27 00:23 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-30 09:26 - 2018-10-12 12:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-30 09:26 - 2018-06-27 09:18 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories ========

2021-03-06 17:24 - 2021-03-06 17:24 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by wow (17-05-2021 09:24:10)
Running from C:\Users\wow\Desktop
Windows 10 Home Version 2004 19041.985 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.93 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{839721E4-35F6-4563-A3A0-931603356771}) (Version: 5.17.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Malwarebytes version 4.3.3.116 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.3.116 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-09] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-05-17 09:02 - 2021-05-17 09:02 - 000114176 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_ctypes.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000172544 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_elementtree.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 002255872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_hashlib.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000032256 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_multiprocessing.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000046080 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_psutil_windows.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000047616 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_socket.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 002824704 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_ssl.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000026112 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\_yappi.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000080896 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\bz2.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000015872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\common.time34.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000007680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\hashobjs_ext.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000301568 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\PIL._imaging.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000168448 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\pyexpat.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 001084416 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\pysqlite2._sqlite.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000548864 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\pythoncom27.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 000137728 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\pywintypes27.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 000010752 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\select.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000020992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\thumbnails_ext.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000689664 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\unicodedata.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000119808 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\usb_ext.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000128512 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32api.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000438784 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32com.shell.shell.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000011776 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32crypt.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000023040 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32event.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000149504 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32file.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000223232 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32gui.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000048128 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32inet.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000029696 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32pdh.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000027648 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32pipe.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000044032 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32process.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32profile.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000136192 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32security.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000026624 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\win32ts.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000034304 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\windows.conditional.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000037888 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\windows.connectivity.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000071680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\windows.device_monitor.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000103936 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\windows.volumes.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000019968 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\windows.winwrap.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 001325056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._controls_.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 001489408 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._core_.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 001007104 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._gdi_.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000103424 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._html2.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 000916992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._misc_.pyd
2021-05-17 09:02 - 2021-05-17 09:02 - 001039872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wx._windows_.pyd
2009-04-07 19:16 - 2009-04-07 19:16 - 000061440 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skhooks.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\python27.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxbase30u_net_vc90_x64.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxbase30u_vc90_x64.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxmsw30u_adv_vc90_x64.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxmsw30u_core_vc90_x64.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxmsw30u_html_vc90_x64.dll
2021-05-17 09:02 - 2021-05-17 09:02 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI73282\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> DefaultScope {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-12-16 12:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44FBBCFC-AF47-4FD2-BDAB-6DF495E8236B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F8652DAF-59F9-475D-AC16-E8A023C4840C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85585CAA-B4E9-47C9-B5A3-CF1234849A5D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-03-2021 13:39:16 Windows Modules Installer
27-03-2021 02:59:44 Scheduled Checkpoint
04-04-2021 13:31:15 Scheduled Checkpoint
15-04-2021 08:29:42 Windows Modules Installer
15-04-2021 08:42:34 Windows Modules Installer
14-05-2021 09:06:49 Windows Modules Installer
14-05-2021 09:20:14 Windows Modules Installer
17-05-2021 09:07:54 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/17/2021 09:01:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xd2c
Čas spuštění chybující aplikace: 0x01d74aea77c4e0dc
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 767b777e-1de0-4738-80c6-638169622789
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/17/2021 09:01:32 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (05/16/2021 10:34:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xd84
Čas spuštění chybující aplikace: 0x01d74a2e42de40ff
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ce15dbe6-f16c-41a7-a874-be7f1424fe75
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/16/2021 10:34:25 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (05/15/2021 11:18:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xdc0
Čas spuštění chybující aplikace: 0x01d749cfcc78f02a
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 694ef8e5-28af-464d-87e0-c098cb0aa952
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/15/2021 11:18:07 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (05/14/2021 05:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xd5c
Čas spuštění chybující aplikace: 0x01d748d48ae08d89
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 61e647f7-2ba7-4785-a642-9db19c5eb7d8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/14/2021 05:19:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])


System errors:
=============
Error: (05/17/2021 09:17:18 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-89RL4UG)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.964.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (05/17/2021 09:01:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/17/2021 09:01:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (05/16/2021 11:00:42 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-89RL4UG)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.964.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (05/16/2021 10:57:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Print Spooler byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restart the service.

Error: (05/16/2021 10:55:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/16/2021 10:34:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/16/2021 10:34:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).


CodeIntegrity:
===============
Date: 2021-05-17 09:21:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-17 09:16:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 79%
Total physical RAM: 4005.27 MB
Available physical RAM: 817.03 MB
Total Virtual: 5285.27 MB
Available Virtual: 1717.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:314.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:403.87 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:26.38 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#2 Post by Diallix »

Hello.

:arrow: Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I serve as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Joined: 02 Jan 2005 00:36
Location: VDF

Re: PC keeps loading something long after startup

#3 Post by mlzd »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-19-2021
# Duration: 00:00:07
# OS: Windows 10 Home
# Scanned: 31987
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1950 octets] - [15/10/2020 11:56:14]
AdwCleaner[C00].txt - [2028 octets] - [15/10/2020 11:57:01]
AdwCleaner[S01].txt - [1528 octets] - [20/10/2020 22:55:22]
AdwCleaner[S02].txt - [1589 octets] - [01/11/2020 09:46:33]
AdwCleaner[S03].txt - [1650 octets] - [01/11/2020 09:47:41]
AdwCleaner[S04].txt - [1711 octets] - [01/11/2020 09:48:19]
AdwCleaner[S05].txt - [1772 octets] - [15/01/2021 12:09:59]
AdwCleaner[S06].txt - [1833 octets] - [15/01/2021 12:11:51]
AdwCleaner[S07].txt - [1893 octets] - [15/02/2021 14:01:22]
AdwCleaner[S08].txt - [1955 octets] - [15/04/2021 09:14:54]
AdwCleaner[S09].txt - [2016 octets] - [15/04/2021 09:16:04]
AdwCleaner[S10].txt - [2077 octets] - [19/05/2021 11:08:25]
AdwCleaner[S11].txt - [2138 octets] - [19/05/2021 11:09:37]
AdwCleaner[S12].txt - [2199 octets] - [19/05/2021 11:11:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S13].txt ##########

I hope I downloaded the right application... (?)

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#4 Post by Diallix »

:arrow: Copy the content below into Notepad:

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {13A71560-E1FF-4F3C-9351-5C5CD38EA73B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {682FA09C-6ECB-4EC5-AF92-A8247A922FD3} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {6910D012-B236-413F-91E3-E3E7F31B80B1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B91AAD48-B722-4AEC-94F6-A3D60CF2428F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {E107EB7E-DA3E-477F-A8CA-600CAC5A6F71} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Notifications: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.pinterest.ca
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> DefaultScope {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.

:arrow: After the previous step, please post new FRST + ADDITION logs.

mlzd
Visitor
Posts: 114
Joined: 02 Jan 2005 00:36
Location: VDF

Re: PC keeps loading something long after startup

#5 Post by mlzd »

Fix result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by wow (19-05-2021 22:52:49) Run:2
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "G:\WD Drive Unlock.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {13A71560-E1FF-4F3C-9351-5C5CD38EA73B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {682FA09C-6ECB-4EC5-AF92-A8247A922FD3} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {6910D012-B236-413F-91E3-E3E7F31B80B1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {B91AAD48-B722-4AEC-94F6-A3D60CF2428F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {E107EB7E-DA3E-477F-A8CA-600CAC5A6F71} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Notifications: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.pinterest.ca
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> DefaultScope {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
SearchScopes: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001 -> {7DCCD605-BF48-4263-B88F-15581608CFFB} URL =
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"

EmptyTemp:

*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor" => removed successfully
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c238881e-3093-11e7-9bcb-b8aeed9e8c33} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{13A71560-E1FF-4F3C-9351-5C5CD38EA73B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13A71560-E1FF-4F3C-9351-5C5CD38EA73B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{682FA09C-6ECB-4EC5-AF92-A8247A922FD3} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{682FA09C-6ECB-4EC5-AF92-A8247A922FD3} => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Experience Improvement => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Experience Improvement => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6910D012-B236-413F-91E3-E3E7F31B80B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6910D012-B236-413F-91E3-E3E7F31B80B1}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B91AAD48-B722-4AEC-94F6-A3D60CF2428F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B91AAD48-B722-4AEC-94F6-A3D60CF2428F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E107EB7E-DA3E-477F-A8CA-600CAC5A6F71}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E107EB7E-DA3E-477F-A8CA-600CAC5A6F71}" => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"FF Notifications:" => removed successfully
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
"HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7DCCD605-BF48-4263-B88F-15581608CFFB} => removed successfully
"HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Zoner Photo Studio Autoupdate" => removed successfully
"HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\MagicPlusHelper" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MagicPlusHelper" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\snpstd3" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\snpstd3" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\UMonit" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\UMonit" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\snpstd3" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\snpstd3" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\UMonit" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\UMonit" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Skd8821" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Skd8821" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\GrooveMonitor" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11658409 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 55658 B
Edge => 0 B
Chrome => 141860 B
Firefox => 186819399 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1408642 B
NetworkService => 1408642 B
wow => 44346393 B

RecycleBin => 125891310 B
EmptyTemp: => 364.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:53:54 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#6 Post by Diallix »

Post the new FRST + ADDITION logs here.

mlzd
Visitor
Posts: 114
Joined: 02 Jan 2005 00:36
Location: VDF

Re: PC keeps loading something long after startup

#7 Post by mlzd »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021
Ran by wow (administrator) on DESKTOP-89RL4UG (LENOVO 90F1001ECK) (20-05-2021 10:12:08)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Platform: Windows 10 Home Version 2004 19041.985 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(LITEON) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\igfxTray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [118496 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.93\Installer\chrmstp.exe [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0477F3B5-7BD9-4915-B799-5733351AD00A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {0B027715-E8F3-471C-8E12-38A46BB1B152} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {10624289-28C4-44D3-B739-B9A39B5D9DD8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {1F384BCA-F7BC-4900-8EC0-5EFF9A6E64A2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2235800 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {332BEADE-FA59-4DE0-A8AE-703E098EF9EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {3604CD51-66DB-41D2-BE66-177777A8D7EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {376BF646-AAB3-4006-BEF8-63BEFDC4FF3A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2235800 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {3CA42C64-BB1B-4A4F-910E-D797E5FEBC39} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5853D4A8-F101-4BD6-8222-1D11E87D930D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A263ED01-D78A-4D57-9923-E968C83B26C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A8440C5E-8D72-4D08-9A8C-9B1E29F496E5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {B2940D65-C518-40F4-A879-CE4A2C35D1B1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {B442D0A0-2348-426C-930B-F851EAE5F57B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {BFF500AA-A1F8-4461-8B39-991B0538D9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D32679CA-202F-495E-BDC5-25DA16392DDA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {D921ED68-211B-4E87-8CD1-D966195A8B45} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F033AC8C-01D9-4C7B-97AB-5C0504184217} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4699872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\wow\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-20]
Edge StartupUrls: Default -> "hxxps://www.chess.com/club/czechoslovakia-team"

FireFox:
========
FF DefaultProfile: py09br4x.default-1604058508666
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 [2021-05-20]
FF Homepage: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.seznam.cz/
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2021-05-19]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7894040 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [606944 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [356064 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.93\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
R3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35664 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [212192 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365024 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17352 2021-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180448 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522896 2021-05-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82872 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850632 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467720 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215352 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326992 2021-04-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-19 22:52 - 2021-05-19 22:53 - 000010932 _____ C:\Users\wow\Desktop\Fixlog.txt
2021-05-19 22:52 - 2021-05-19 22:52 - 002299904 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2021-05-19 11:05 - 2021-05-19 11:06 - 008534696 _____ (Malwarebytes) C:\Users\wow\Desktop\adwcleaner_8.2.exe
2021-05-17 12:10 - 2021-05-19 10:58 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-17 12:10 - 2021-05-19 10:58 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-17 12:10 - 2021-05-19 10:58 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-05-17 12:09 - 2021-05-19 13:24 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-17 12:09 - 2021-05-19 13:24 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-17 09:24 - 2021-05-17 09:26 - 000037513 _____ C:\Users\wow\Desktop\Addition.txt
2021-05-17 09:21 - 2021-05-20 10:13 - 000019174 _____ C:\Users\wow\Desktop\FRST.txt
2021-05-14 09:51 - 2021-05-14 09:51 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 09:50 - 2021-05-14 09:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 09:50 - 2021-05-14 09:50 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 09:50 - 2021-05-14 09:50 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 09:49 - 2021-05-14 09:49 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 09:49 - 2021-05-14 09:49 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 09:49 - 2021-05-14 09:49 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-14 09:48 - 2021-05-14 09:48 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 09:48 - 2021-05-14 09:48 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 09:48 - 2021-05-14 09:48 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 09:47 - 2021-05-14 09:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 09:47 - 2021-05-14 09:47 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 08:31 - 2021-05-12 08:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-10 22:20 - 2021-05-10 22:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-08 08:17 - 2021-05-11 12:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-04 11:52 - 2021-05-04 11:52 - 000136191 _____ C:\Users\wow\Downloads\Vypis_z_uctu_0-165905043_z_20210430.pdf
2021-04-30 09:26 - 2021-04-30 09:26 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-30 09:26 - 2021-04-30 09:26 - 000215352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-20 10:12 - 2020-10-14 12:47 - 000000000 ____D C:\FRST
2021-05-20 10:01 - 2020-08-27 12:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-20 10:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-20 09:10 - 2019-10-03 10:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-20 09:10 - 2019-10-03 10:00 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-20 09:07 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-20 09:06 - 2017-05-04 19:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2021-05-20 09:05 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-20 09:04 - 2017-05-03 22:34 - 000000000 ____D C:\Program Files\CCleaner
2021-05-20 09:03 - 2020-08-27 21:33 - 000716748 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-20 09:03 - 2020-08-27 21:33 - 000144946 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-20 09:03 - 2020-08-27 12:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-20 09:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-20 09:01 - 2017-10-08 13:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2021-05-20 09:00 - 2017-05-04 22:08 - 000000000 ___RD C:\Users\wow\Disk Google
2021-05-20 08:58 - 2020-10-19 10:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-20 08:58 - 2017-05-04 09:35 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-20 08:58 - 2017-05-04 08:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2021-05-20 08:57 - 2020-08-27 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-20 08:57 - 2020-08-27 12:00 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-19 23:23 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-19 23:22 - 2018-05-19 08:46 - 000000000 ___HD C:\Users\wow\Documents\.tmp.drivedownload
2021-05-19 22:52 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-05-19 22:35 - 2020-08-27 12:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-19 13:24 - 2020-11-26 20:03 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-19 13:24 - 2020-08-27 12:22 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-19 13:24 - 2020-08-27 12:22 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2021-05-19 13:24 - 2020-08-27 12:22 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2021-05-19 13:24 - 2020-08-27 12:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-05-19 13:24 - 2020-08-27 12:22 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-19 13:24 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-05-19 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-19 10:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-17 12:12 - 2017-11-30 18:55 - 000000000 ____D C:\Users\wow\AppData\Local\Packages
2021-05-17 09:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 10:16 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 10:12 - 2020-08-27 12:00 - 000470464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 10:08 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 10:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 10:07 - 2019-12-07 11:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 09:28 - 2020-04-02 12:56 - 000522896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-13 11:05 - 2020-08-27 12:04 - 000002366 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-13 11:05 - 2017-05-04 08:42 - 000000000 ___RD C:\Users\wow\OneDrive
2021-05-13 10:59 - 2017-10-18 18:44 - 000001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2021-05-13 10:59 - 2017-10-18 18:44 - 000001006 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2021-05-13 10:59 - 2017-05-04 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2021-05-13 10:59 - 2017-05-04 20:54 - 000000000 ____D C:\Program Files\Calibre2
2021-05-13 09:23 - 2017-05-04 11:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 09:23 - 2017-05-04 11:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-13 09:23 - 2017-05-04 11:49 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-05-13 09:17 - 2017-05-04 11:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-13 09:13 - 2017-05-04 11:23 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-12 08:31 - 2021-04-07 11:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-11 13:01 - 2017-05-05 13:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-11 12:47 - 2017-05-04 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-10 22:20 - 2017-05-04 19:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-05-06 10:25 - 2018-07-08 17:46 - 000002470 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-05-02 16:57 - 2021-01-24 15:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-30 09:26 - 2020-10-27 09:56 - 000180448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-30 09:26 - 2019-01-27 00:23 - 000365024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-30 09:26 - 2019-01-18 20:23 - 000035664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-30 09:26 - 2018-10-12 12:10 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-30 09:26 - 2018-06-27 09:18 - 000017352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000850632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000467720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000326992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000212192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-30 09:26 - 2017-11-30 18:27 - 000082872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

==================== Files in the root of some directories ========

2021-03-06 17:24 - 2021-03-06 17:24 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05-2021
Ran by wow (20-05-2021 10:14:41)
Running from C:\Users\wow\Desktop
Windows 10 Home Version 2004 19041.985 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.93 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.45857 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{839721E4-35F6-4563-A3A0-931603356771}) (Version: 5.17.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-10] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-09] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-04-30] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-05-20 08:59 - 2021-05-20 08:59 - 000114176 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_ctypes.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000172544 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_elementtree.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 002255872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_hashlib.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000032256 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_multiprocessing.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000046080 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_psutil_windows.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000047616 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_socket.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 002824704 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_ssl.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000026112 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\_yappi.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000080896 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\bz2.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000015872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\common.time34.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000007680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\hashobjs_ext.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000301568 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\PIL._imaging.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000168448 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\pyexpat.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 001084416 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\pysqlite2._sqlite.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000548864 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\pythoncom27.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 000137728 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\pywintypes27.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 000010752 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\select.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000020992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\thumbnails_ext.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000689664 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\unicodedata.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000119808 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\usb_ext.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000128512 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32api.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000438784 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32com.shell.shell.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000011776 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32crypt.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000023040 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32event.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000149504 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32file.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000223232 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32gui.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000048128 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32inet.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000029696 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32pdh.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000027648 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32pipe.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000044032 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32process.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32profile.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000136192 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32security.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000026624 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\win32ts.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000034304 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\windows.conditional.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000037888 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\windows.connectivity.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000071680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\windows.device_monitor.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000103936 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\windows.volumes.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000019968 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\windows.winwrap.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 001325056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._controls_.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 001489408 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._core_.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 001007104 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._gdi_.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000103424 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._html2.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 000916992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._misc_.pyd
2021-05-20 08:59 - 2021-05-20 08:59 - 001039872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wx._windows_.pyd
2009-04-07 19:16 - 2009-04-07 19:16 - 000061440 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skhooks.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\python27.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxbase30u_net_vc90_x64.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxbase30u_vc90_x64.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxmsw30u_adv_vc90_x64.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxmsw30u_core_vc90_x64.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxmsw30u_html_vc90_x64.dll
2021-05-20 08:59 - 2021-05-20 08:59 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI78562\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-12-16 12:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44FBBCFC-AF47-4FD2-BDAB-6DF495E8236B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{F8652DAF-59F9-475D-AC16-E8A023C4840C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85585CAA-B4E9-47C9-B5A3-CF1234849A5D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-04-2021 08:42:34 Windows Modules Installer
14-05-2021 09:06:49 Windows Modules Installer
14-05-2021 09:20:14 Windows Modules Installer
17-05-2021 09:07:54 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/20/2021 09:40:38 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na Back (D:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (05/20/2021 08:57:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xd10
Čas spuštění chybující aplikace: 0x01d74d457121d886
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1765ee2c-8256-4923-ab8b-17825e12163b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/20/2021 08:57:48 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (05/19/2021 11:10:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbamtray.exe verze 4.0.0.987 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1690

Čas spuštění: 01d74cf14fad6c84

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

ID hlášení: 0e3b0c66-7941-426a-b478-14eaa904356f

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (05/19/2021 10:55:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xc94
Čas spuštění chybující aplikace: 0x01d74cf146fc29a8
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 703d2dfb-cd1d-42e5-96f6-9b6770d5395f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/19/2021 10:55:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (05/19/2021 10:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x11253621
Kód výjimky: 0xe0434352
Posun chyby: 0x0012a6e2
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d74cf046e91095
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 71056f47-4bf1-4f3d-a2a4-874d21739875
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/19/2021 10:48:09 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])


System errors:
=============
Error: (05/20/2021 08:57:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/20/2021 08:57:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (05/19/2021 11:11:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2021 11:10:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Software Integrity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2021 11:10:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/19/2021 10:55:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/19/2021 10:55:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (05/19/2021 10:54:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-05-20 10:06:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-20 09:58:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-05-20 09:42:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 74%
Total physical RAM: 4005.27 MB
Available physical RAM: 1016.95 MB
Total Virtual: 5285.27 MB
Available Virtual: 1453.99 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:326.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:403.87 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:26.38 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#8 Post by Diallix »

Final cleanup.

Copy the content below into Notepad:

Code:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {A263ED01-D78A-4D57-9923-E968C83B26C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
An operation will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.

Report how the computer is doing.
My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: PC keeps loading something long after startup

#9 Post by mlzd »

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2021
Ran by wow (28-06-2021 12:32:57) Run:3
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {A263ED01-D78A-4D57-9923-E968C83B26C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

EmptyTemp:


*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A263ED01-D78A-4D57-9923-E968C83B26C1}" => not found
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16899853 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 41739 B
Edge => 0 B
Chrome => 143360 B
Firefox => 85554398 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 200796 B
NetworkService => 200796 B
wow => 87709547 B

RecycleBin => 22091 B
EmptyTemp: => 192 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:33:34 ====

After the restart the PC loaded what it needed and then quickly settled down. It looks like it will be OK.
Many thanks!! Zdenek.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#10 Post by Diallix »

In my opinion it's OK :]] do you have any other problems?

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: PC keeps loading something long after startup

#11 Post by mlzd »

OK so far. We can close this topic.
Thanks once again. Regards, Zdenek.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: PC keeps loading something long after startup

#12 Post by Diallix »

Okay, you're welcome, locking :]]

Locked