Preventivní kontrola logu starý ntb

[vev]

Dobrý večer,
prosím o preventivní kontrolu logu na starém notebooku. Je to už dědeček, ale mělo by vše fungovat, každopádně budu vděčná za kontrolu. Moc děkuji...


log z RSIT


Logfile of random's system information tool 1.10 (written by random/random)
Run by vev at 2022-01-27 21:25:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 44 GB (37%) free of 119 GB
Total RAM: 2925 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:25:25, on 27.1.2022
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\PDF24\pdf24.exe
C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\vev.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_SE1C8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{49A5CF24-CAF7-482B-B1E1-E76E49B50515}: NameServer = 10.255.255.10,10.255.255.20
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9816 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\System32\spoolsv.exe
AvastUI.exe /nogui
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
taskeng.exe {8C46DA87-D627-4BE7-AA01-CAAA169317E3}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-2238446362-149773792-617086920-1000
taskeng.exe {69FE9C87-BD5F-4CCA-9D96-B1BC96A4549D}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
taskeng.exe {581FFAC4-7FAB-44E7-AC68-4D7B39C76008}
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\PDF24\pdf24.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\syncables\syncables desktop\\syncablesMAPI.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="5F5B5483-E0B2-316F-2FD8-484375EE3F3C" /binpath="C:\Program Files\AVAST Software\Avast" /logpath="C:\ProgramData\AVAST Software\Avast\log"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2568
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=2312,5240316981483910046,7138858319509981544,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=3588 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2312,5240316981483910046,7138858319509981544,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7292 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2312,5240316981483910046,7138858319509981544,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\vev\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7588 /prefetch:8
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Setup - instalačky\RSITx64.exe"


======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2021-12-20 157464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-04-05 370480]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [2007-03-01 211456]
"CCleaner Smart Cleaning"=C:\Program Files (x86)\CCleaner\CCleaner64.exe [2018-09-16 18630056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-10-28 3054136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-10-28 2429]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-08-12 1597440]
"PDFPrint"=C:\Program Files (x86)\PDF24\pdf24.exe [2014-11-28 193568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======


======List of files/folders modified in the last 1 month======

2022-01-27 21:25:25 ----D---- C:\Windows\Prefetch
2022-01-27 21:25:23 ----D---- C:\Program Files\trend micro
2022-01-27 21:24:25 ----D---- C:\Program Files (x86)\Google
2022-01-27 21:23:58 ----D---- C:\Windows\Temp
2022-01-27 21:08:52 ----D---- C:\Windows\system32\Tasks
2022-01-27 21:08:52 ----D---- C:\ProgramData\AVAST Software
2022-01-27 21:08:43 ----D---- C:\Windows\system32\config
2022-01-27 21:08:43 ----D---- C:\Windows\inf
2022-01-27 21:08:22 ----A---- C:\Windows\SYSWOW64\log.txt
2022-01-27 21:08:07 ----D---- C:\Windows
2022-01-25 21:28:02 ----D---- C:\Windows\System32
2022-01-25 21:28:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2022-01-23 21:01:32 ----SHD---- C:\System Volume Information
2022-01-23 19:32:01 ----D---- C:\Windows\debug
2022-01-15 17:03:28 ----D---- C:\Windows\system32\MRT
2022-01-15 16:56:35 ----AC---- C:\Windows\system32\MRT.exe
2022-01-15 16:04:50 ----D---- C:\Windows\winsxs
2022-01-15 16:00:37 ----RD---- C:\Program Files (x86)
2022-01-15 15:56:17 ----D---- C:\Program Files (x86)\Webteh
2022-01-15 15:40:17 ----SHD---- C:\Windows\Installer
2022-01-15 15:40:11 ----SHD---- C:\Config.Msi
2022-01-15 15:39:52 ----D---- C:\Program Files
2022-01-15 15:38:57 ----D---- C:\Program Files\Common Files
2022-01-15 15:30:36 ----D---- C:\Program Files (x86)\PDF Architect
2022-01-15 15:30:13 ----D---- C:\Program Files (x86)\Common Files
2022-01-15 15:27:56 ----D---- C:\Windows\system32\DriverStore
2022-01-15 15:27:54 ----D---- C:\Windows\system32\catroot
2022-01-15 15:27:07 ----HD---- C:\ProgramData
2022-01-15 15:11:39 ----D---- C:\Windows\system32\Macromed
2022-01-15 15:11:37 ----D---- C:\Windows\SysWOW64
2022-01-15 15:11:29 ----D---- C:\Windows\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-10-28 35384]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2021-12-20 36784]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2021-12-20 252992]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2021-12-20 100416]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2021-12-20 83976]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2021-12-20 318760]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2021-12-20 223176]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2021-12-20 369216]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2021-12-20 42416]
R1 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2021-12-20 186280]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2021-12-20 540056]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2021-12-20 108912]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2021-12-20 853800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2021-12-20 545176]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2021-12-20 215432]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2020-04-15 38152]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-07-21 129024]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 271872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2019-12-10 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2021-12-20 452888]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2021-12-20 452888]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2021-05-30 56912]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-12 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2021-12-20 8480848]
R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-04-06 244904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-08 224152]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-08 224152]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\elevation_service.exe [2022-01-19 1279832]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [2020-06-12 1507216]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-31 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Je plně kompatibilní s 64b systémy a podrobnější. Děkuji.

[vev]

Zdravím

vkládám log z FRST:


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by vev (administrator) on VEV-PC (ASUSTeK Computer Inc. K52F) (30-01-2022 12:13:36)
Running from C:\Users\vev\Pictures\Desktop
Loaded Profiles: vev
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK Computer Inc. -> ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Boingo Wireless -> Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Comodo Security Solutions -> Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(DATA TRANSFER OF NEVADA, LLC -> Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(DATA TRANSFER OF NEVADA, LLC -> syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(DATA TRANSFER OF NEVADA, LLC -> syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncablesMAPI.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sipnotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\CCleaner\CCUpdate.exe
(SRS Labs, Inc -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] (Conexant Systems, Inc. -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-08-12] () [File not signed]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH -> Geek Software GmbH)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (DATA TRANSFER OF NEVADA, LLC -> syncables, LLC)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [18630056 2018-09-16] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\Software\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: {702f8e39-46ce-11e8-bd56-74f06db1599f} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: {7fed36bd-43c8-11eb-b06c-74f06db1599f} - F:\HiSuiteDownLoader.exe
HKLM\...\Print\Monitors\EPSON Stylus DX4400 Series 64MonitorBE: C:\Windows\system32\E_ILMCAE.DLL [129536 2006-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{2AD920F6-D745-4d8b-9526-619171C2CC4D}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{455BD3EC-20A5-44c3-8D77-396909825B5E}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-03-12] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{120495C2-9E38-48a2-A08B-C302F7487628}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2011-08-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-10-28]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (SRS Labs, Inc -> Acresso Software Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CE47DD5-A5FF-436E-A16D-837DF8DF47C3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0D7767ED-0D20-459B-9CB1-FD876B5FEF41} - System32\Tasks\{B7F918E3-FC9A-439D-95AA-EE1AA7BC37EB} => C:\Windows\system32\pcalua.exe -a C:\Users\vev\Desktop\O2InternetKonfigurator.exe -d C:\Users\vev\Desktop
Task: {0E4D74A3-54B9-4C6D-902A-BE9FF01DA2BE} - System32\Tasks\{CE372306-0048-4383-9E6A-18B913E979E9} => C:\Windows\twain_32\escndv\escndv.exe [118784 2006-03-07] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORP.)
Task: {2E9BEA59-5A7B-4CAF-8ED4-9F89999A3C73} - System32\Tasks\Opera scheduled Autoupdate 1528634260 => C:\Users\vev\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {32E29195-00AB-46F0-ACE5-995AF716AD3D} - System32\Tasks\{0F86AE1F-BAB6-4002-AD15-0E1E4006FA14} => C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe (No File)
Task: {35A60BC9-713E-478B-99F1-FA7263A772EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {3883F2EE-AA07-4021-946C-3DF86F8FDE55} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {3A92FBF1-057B-4F4C-B627-257BF24A5B28} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {3C54595A-65AC-4A9A-B9AA-AF1517435D2B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720 2009-07-31] (ASUSTeK Computer Inc. -> ASUS)
Task: {4FB2C349-152F-4988-BC48-CE923FD7791E} - System32\Tasks\CCleaner Update => C:\Program Files (x86)\CCleaner\CCUpdate.exe [619416 2019-02-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5B322985-3AB9-4940-AC88-37E6597ACBA5} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [339072 2010-05-28] (ASUSTeK Computer Inc. -> ATK)
Task: {5F7B9762-9213-40D5-B3A8-F472DB0ADAD3} - System32\Tasks\{6191827E-D7C0-41BA-A66A-229546CEBBDF} => C:\Windows\twain_32\escndv\escndv.exe [118784 2006-03-07] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORP.)
Task: {6930A105-696A-46C4-BCA6-5963EFCFC7A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {75EDC1C0-6034-4284-8F5B-DDE0758C0F3C} - System32\Tasks\{1A67A6CB-7C54-4832-B9C5-CA7151B1CD86} => C:\Program Files (x86)\PDFCreator\PDFCreator.exe (No File)
Task: {7F402C2F-28D0-4B5F-9E9E-B982CA010CA5} - System32\Tasks\{C98D2361-5F6D-4EFF-80A8-34B065F26049} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\MYASHA~1\UNWISE.EXE -c /U C:\PROGRA~2\MYASHA~1\INSTALL.LOG
Task: {801CD57E-3311-4E00-BB3F-62493FA34B99} - System32\Tasks\{2352ED13-CB22-4F67-8A0A-F8BAE8F77D22} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {88E60535-550E-487B-B7E7-BF6D4B152963} - System32\Tasks\avastBCLRestartS-1-5-21-2238446362-149773792-617086920-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {8E1078B2-D7C5-47BA-B55E-38AE9F7F19CC} - System32\Tasks\{C7C4BDC8-FC51-48B9-B78D-867378D794D0} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {90DB81AF-BF54-4D37-BA43-38B8ECD00320} - System32\Tasks\{B10294AB-ACF5-459F-AA32-1936119DA719} => C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe (No File)
Task: {95843E51-1AE1-4CE5-9BBE-6CA083595C76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [13797712 2018-09-16] (Piriform Ltd -> Piriform Ltd)
Task: {9A4A1C6E-F420-441F-87CF-1F00486FEB7D} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [163384 2009-06-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {B2189CBD-F585-494A-BC7C-A913416D67E4} - System32\Tasks\{C5A07AAB-88E1-43E9-84F0-07D9455475C8} => C:\Windows\system32\pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe"
Task: {B6A23542-D7C8-40C0-98BC-74A6DC1A39BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
Task: {BD64756A-BA3A-4595-9FDA-1FBAA68C4CF3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{1D0E1FEC-1D2D-431B-96C4-8C4903F74E79}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{49A5CF24-CAF7-482B-B1E1-E76E49B50515}: [NameServer] 10.255.255.10,10.255.255.20
Tcpip\..\Interfaces\{49A5CF24-CAF7-482B-B1E1-E76E49B50515}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vev\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-27]

FireFox:
========
FF DefaultProfile: sgaow1n5.default-1377703720272
FF ProfilePath: C:\Users\vev\AppData\Roaming\Mozilla\Firefox\Profiles\sgaow1n5.default-1377703720272 [2015-02-17]
FF DownloadDir: C:\Users\vev\Desktop
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default [2022-01-30]
CHR DownloadDir: C:\Users\vev\Desktop
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Dokumenty) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-10-27]
CHR Extension: (Gmail) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR HKU\S-1-5-21-2238446362-149773792-617086920-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2238446362-149773792-617086920-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-30] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] (CyberLink -> ) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [129024 2010-07-21] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 12:15 - 2010-10-28 09:50 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-30 12:14 - 2017-12-06 19:00 - 000000000 ____D C:\FRST
2022-01-30 12:14 - 2009-08-03 21:00 - 000681562 _____ C:\Windows\system32\perfh005.dat
2022-01-30 12:14 - 2009-08-03 21:00 - 000145976 _____ C:\Windows\system32\perfc005.dat
2022-01-30 12:14 - 2009-07-14 06:13 - 001610364 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-30 12:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-01-30 11:56 - 2011-08-28 16:42 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-30 11:55 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-29 12:21 - 2011-08-28 15:14 - 000000000 ____D C:\Users\vev
2022-01-29 12:18 - 2009-07-14 05:45 - 000022592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-29 12:18 - 2009-07-14 05:45 - 000022592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-29 12:12 - 2020-07-08 15:57 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-29 12:12 - 2020-07-08 15:57 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-29 12:12 - 2018-11-06 19:15 - 000002978 _____ C:\Windows\system32\Tasks\{2352ED13-CB22-4F67-8A0A-F8BAE8F77D22}
2022-01-29 12:12 - 2018-11-06 18:13 - 000002978 _____ C:\Windows\system32\Tasks\{C7C4BDC8-FC51-48B9-B78D-867378D794D0}
2022-01-29 12:12 - 2018-06-10 13:37 - 000004030 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1528634260
2022-01-29 12:12 - 2018-05-19 11:47 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-29 12:12 - 2018-05-19 11:47 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-29 12:12 - 2018-03-29 07:49 - 000004140 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-29 12:12 - 2018-01-29 13:27 - 000003130 _____ C:\Windows\system32\Tasks\{C98D2361-5F6D-4EFF-80A8-34B065F26049}
2022-01-29 12:12 - 2016-06-15 15:51 - 000002932 _____ C:\Windows\system32\Tasks\{CE372306-0048-4383-9E6A-18B913E979E9}
2022-01-29 12:12 - 2016-06-15 15:50 - 000002932 _____ C:\Windows\system32\Tasks\{6191827E-D7C0-41BA-A66A-229546CEBBDF}
2022-01-29 12:12 - 2016-01-04 23:07 - 000003094 _____ C:\Windows\system32\Tasks\P4G Sidebar
2022-01-29 12:12 - 2015-12-03 18:51 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-01-29 12:12 - 2013-11-17 22:44 - 000002954 _____ C:\Windows\system32\Tasks\{1A67A6CB-7C54-4832-B9C5-CA7151B1CD86}
2022-01-29 12:12 - 2012-08-09 14:48 - 000002780 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2022-01-29 12:12 - 2011-11-20 13:38 - 000002984 _____ C:\Windows\system32\Tasks\{B10294AB-ACF5-459F-AA32-1936119DA719}
2022-01-29 12:12 - 2011-11-20 13:37 - 000003184 _____ C:\Windows\system32\Tasks\{C5A07AAB-88E1-43E9-84F0-07D9455475C8}
2022-01-29 12:12 - 2011-11-20 13:37 - 000002984 _____ C:\Windows\system32\Tasks\{0F86AE1F-BAB6-4002-AD15-0E1E4006FA14}
2022-01-29 12:12 - 2011-09-10 16:54 - 000003128 _____ C:\Windows\system32\Tasks\{B7F918E3-FC9A-439D-95AA-EE1AA7BC37EB}
2022-01-29 12:12 - 2010-10-28 10:14 - 000002872 _____ C:\Windows\system32\Tasks\ASPG
2022-01-29 12:12 - 2010-10-28 10:13 - 000002986 _____ C:\Windows\system32\Tasks\ASUS SmartLogon Console Sensor
2022-01-29 12:12 - 2010-10-28 10:11 - 000003040 _____ C:\Windows\system32\Tasks\ASUS P4G
2022-01-29 12:12 - 2010-10-28 10:10 - 000002988 _____ C:\Windows\system32\Tasks\ATKOSD2
2022-01-28 21:54 - 2015-02-03 14:52 - 000113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2022-01-27 21:25 - 2016-06-23 19:58 - 000000000 ____D C:\Program Files\trend micro
2022-01-25 21:28 - 2013-08-30 12:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 21:28 - 2013-08-30 12:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-23 18:14 - 2018-06-10 12:55 - 000000000 ____D C:\Users\vev\AppData\Local\ElevatedDiagnostics
2022-01-15 17:03 - 2013-08-01 18:52 - 000000000 ____D C:\Windows\system32\MRT
2022-01-15 16:56 - 2011-09-01 18:36 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-15 15:56 - 2011-08-30 17:49 - 000000000 ____D C:\Program Files (x86)\Webteh
2022-01-15 15:30 - 2013-11-17 22:35 - 000000000 ____D C:\Program Files (x86)\PDF Architect
2022-01-15 15:11 - 2011-10-19 20:19 - 000000000 ____D C:\Windows\system32\Macromed
2022-01-15 15:11 - 2010-10-28 09:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2022-01-02 15:27 - 2017-03-12 15:02 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update

==================== Files in the root of some directories ========

2007-06-12 17:34 - 2007-06-12 17:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2012-05-12 12:18 - 2012-05-12 12:18 - 000099384 _____ () C:\Users\vev\AppData\Roaming\inst.exe
2012-05-12 12:18 - 2012-05-12 12:18 - 000007859 _____ () C:\Users\vev\AppData\Roaming\pcouffin.cat
2012-05-12 12:18 - 2012-05-12 12:18 - 000001167 _____ () C:\Users\vev\AppData\Roaming\pcouffin.inf
2012-05-12 12:18 - 2012-05-12 12:18 - 000000074 _____ () C:\Users\vev\AppData\Roaming\pcouffin.log
2012-05-12 12:18 - 2012-05-12 12:18 - 000082816 _____ (VSO Software) C:\Users\vev\AppData\Roaming\pcouffin.sys
2013-08-26 12:39 - 2013-08-26 12:39 - 000033193 _____ () C:\Users\vev\AppData\Roaming\UserTile.png
2014-11-29 13:33 - 2014-11-29 13:33 - 000000000 _____ () C:\Users\vev\AppData\Local\{0896EA8B-49A8-4B6E-8B72-CD487BECDED9}
2012-01-26 20:58 - 2012-01-26 20:58 - 000000000 _____ () C:\Users\vev\AppData\Local\{D7A6F389-6203-423E-8387-FC08B9B207A7}
2012-01-28 21:01 - 2012-01-28 21:02 - 000000000 _____ () C:\Users\vev\AppData\Local\{FDD68CB9-6E59-4DE3-B062-676D74DD6E30}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-01-23 18:06
==================== End of FRST.txt ========================

[vev]

A log Addition:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by vev (30-01-2022 12:16:29)
Running from C:\Users\vev\Pictures\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2011-08-28 14:14:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2238446362-149773792-617086920-500 - Administrator - Disabled)
Guest (S-1-5-21-2238446362-149773792-617086920-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2238446362-149773792-617086920-1185 - Limited - Enabled)
vev (S-1-5-21-2238446362-149773792-617086920-1000 - Administrator - Enabled) => C:\Users\vev

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0021 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Video Magic (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.) Hidden
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4015 - CyberLink Corp.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0006 - ASUS)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Boingo Wi-Fi (HKLM-x32\...\{B653A2EC-D816-4498-A4FD-651047AB9DC9}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.63 - Conexant)
ConvertXtoDVD 2.2.3.258 (HKLM-x32\...\{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1) (Version: 2.2.3.258 - VSO-Software SARL)
CX4300_5500_DX4400 Manuál (HKLM-x32\...\CX4300_5500_DX4400 Manuál) (Version: - )
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2609a - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3009.50 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON File Manager (HKLM-x32\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ETDWare PS/2-x64 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.6 - ASUS)
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeRecorderExplorer (HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\3bfbd47b6b1a7a66) (Version: 1.0.0.0 - FreeRecorderExplorer)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2125 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IrfanView 4.50 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.17.1 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kyodai Mahjongg (HKLM-x32\...\Kyodai Mahjongg_is1) (Version: - Rene-Gilles Deberdt)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Media Feature Pack for Windows 7 N and KN (HKLM-x32\...\{59ba0f4a-dcb6-4377-a4f1-d86816a82500}) (Version: 1.0.0 - Microsoft) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM-x32\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyAshampoo Toolbar (HKLM-x32\...\MyAshampoo Toolbar) (Version: 6.2.6.0 - MyAshampoo)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Software tiskárny EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
syncables desktop SE (HKLM-x32\...\{BBED4F90-7AE5-40BF-AFB7-1B495692F4AB}) (Version: 5.5.615.9518 - syncables)
Teta CEWE fotosvet (HKLM-x32\...\Teta CEWE fotosvet) (Version: 6.3.6 - CEWE Stiftung u Co. KGaA)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB2.0 UVC VGA WebCam (HKLM\...\USB2.0 UVC VGA WebCam) (Version: 5.8.54000.207 - Sonix)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.5.600 - Broadcom Corporation)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (HKLM\...\85CE3A3657FAE5FD305B143E90E6FC89BA53001C) (Version: 02/25/2010 6.2.0.9419 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (HKLM\...\7341A1B43E7FE58942EB1E820A17C18305DFBCE6) (Version: 01/19/2010 6.2.0.1417 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (HKLM\...\2AA10AB519DC7432D599A0E860206A7DDCC27764) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.3 - ASUS)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.18 - ASUS)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] () [File not signed]
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] () [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll [2009-11-26] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] () [File not signed]
ContextMenuHandlers1: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-29] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\XPClient.DLL [2010-03-16] (eCareme Technologies, Inc. -> Ecareme)
ContextMenuHandlers1-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\XPClient.DLL [2010-03-16] (eCareme Technologies, Inc. -> Ecareme)
ContextMenuHandlers4: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-29] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6-x32: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => C:\Program Files (x86)\JpegResampler2010\JRcm.dll [2010-08-18] () [File not signed]
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-06] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-10-26 04:38 - 2009-10-26 04:38 - 000221184 _____ () [File not signed] [File is in use] C:\Program Files (x86)\ASUS\ASUS WebStorage\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ () [File not signed] [File is in use] C:\Program Files (x86)\ASUS\ASUS WebStorage\LogicNP.EZShellExtensions.dll
2010-10-28 09:51 - 2010-10-28 09:51 - 000931840 _____ () [File not signed] [File is in use] C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2007-06-02 00:52 - 2007-06-02 00:52 - 000159744 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2007-06-15 18:28 - 2007-06-15 18:28 - 000104960 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2013-02-13 18:01 - 2010-09-06 18:21 - 000538435 _____ () [File not signed] C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2010-01-11 18:27 - 2010-01-11 18:27 - 000017920 _____ () [File not signed] C:\Program Files\P4G\DevMng.dll
2010-05-06 02:22 - 2010-05-06 02:22 - 000108544 _____ () [File not signed] C:\Program Files\P4G\OvrClk.dll
2004-05-28 02:13 - 2004-05-28 02:13 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2005-09-22 01:30 - 2005-09-22 01:30 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2009-11-26 06:49 - 2009-11-26 06:49 - 000070656 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll
2015-03-24 22:46 - 2015-03-24 22:46 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL
2015-03-24 22:46 - 2015-03-24 22:46 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\MSVCP140.dll
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\ucrtbase.DLL
2021-11-13 14:15 - 2021-11-13 14:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\VCRUNTIME140.dll
2022-01-30 11:59 - 2022-01-30 11:59 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\AVAST Software\Avast\defs\22013000\avast.local_vc142.crt\VCRUNTIME140_1.dll
2005-01-13 08:36 - 2005-01-13 08:36 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2006-03-30 06:24 - 2006-03-30 06:24 - 000270336 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files (x86)\ASUS\ASUS WebStorage\log4net.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-2238446362-149773792-617086920-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-2238446362-149773792-617086920-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {08C6706A-AE75-4F5A-A99E-56720012B48E} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {0FD46DBA-2E3F-4E97-A75D-CF49DFAC1380} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {363B35F8-3C58-4749-8B43-E72332702754} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {4C65E1FD-3585-4267-A688-BEDC23E80BB7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {591D8012-01FB-4D6C-8A40-7877CB865DED} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {A6328E39-CFED-49A1-A4E9-E050BD2F5CDB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {C5C0259C-8A6B-4679-A81A-6D7D2D3F169E} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {FE9D8FE5-5C1A-436B-BC53-7C93731FF4D4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2238446362-149773792-617086920-1000 -> {FF3F341C-0C4A-4123-BD4C-EDF5192DF5EC} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll [2004-01-29] (Microsoft Corporation) [File not signed]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-04 19:32 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-2238446362-149773792-617086920-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\vev\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1039291D-0C37-447F-982C-A8A192FEDAD8}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{224E3BE4-3A8F-4478-ABCB-1F21E3208370}] => (Allow) C:\Program Files (x86)\Cyberlink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{E9722CB1-C1B6-46F5-BB58-9F1331C9D3B9}] => (Allow) LPort=5353
FirewallRules: [{1EA0832C-ABAA-469D-8BE4-EC0E27A00389}] => (Allow) LPort=8182
FirewallRules: [{4E5F60C5-56D2-489F-B02C-C8669DABC6DF}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{7A757196-7F02-4CE3-A007-1AA90E2B4198}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
FirewallRules: [UDP Query User{423C039D-6178-4C2D-83A0-9C4E40322D13}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe] => (Block) C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
FirewallRules: [TCP Query User{58E91DCC-0688-4D33-AB7F-0C84F0688451}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe (DS NET CORP SA DE CV -> DsNET)
FirewallRules: [UDP Query User{63A693BD-57E8-48FD-8F60-D4E0A1151316}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe (DS NET CORP SA DE CV -> DsNET)
FirewallRules: [TCP Query User{0B2FE04A-A191-4F98-B41E-D4368823F174}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{42031A72-9BA0-4C08-A592-1A354B5E06F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [{6B7DCB32-AD05-45AD-836E-9886F9FCBA3B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33036CDB-650D-46B7-8418-2983A0566D3C}] => (Allow) LPort=2869
FirewallRules: [{984035FF-A347-481C-8069-3075D9B8948B}] => (Allow) LPort=1900
FirewallRules: [{FD8B2576-1DFD-46E7-BFC4-1F1250358D87}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0BB5FE32-7F77-476E-8F18-65FA4D7AFF10}C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe] => (Allow) C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe () [File not signed]
FirewallRules: [UDP Query User{7DE63BC4-AAEB-4C01-8CAB-DE5F33DF535D}C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe] => (Allow) C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe () [File not signed]
FirewallRules: [{283D9DA3-7C72-4E63-8EE2-BFBF27464528}] => (Block) C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe () [File not signed]
FirewallRules: [{5406EA47-0354-4002-8746-4B1FF2A5AE58}] => (Block) C:\users\vev\appdata\local\apps\2.0\vz6e0xd9.eaj\rhz2a3e8.7ee\free..tion_a281ef6b72e478c8_0001.0000_1144c8d4a41ea84f\freerecorderexplorer.exe () [File not signed]
FirewallRules: [{52E63B10-1DD8-49D3-8557-088B02037CAA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{72A0F244-0B61-4E8F-A169-B6A922581D22}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{B878DA62-98F8-4DE0-BC22-8B4D7276E321}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{C3C294E9-61C2-4D23-A586-18E8E1407F26}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{076E6FFF-15BF-4064-B39D-B32A5435EF1F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time) [File not signed]
FirewallRules: [{4228B195-7B75-48A4-8C93-3AB11028828B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{8D9DCC91-F1F4-4A61-9721-07A16D0935C3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{F01A252E-0B97-4059-B73D-86466786DEBB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{FC497559-30C7-443A-A12E-DC49269A63AB}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{A6AD9192-7047-4DDD-B0A2-CF39CE7CBFC4}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time) [File not signed]
FirewallRules: [{20DF083A-9684-42DD-B499-981F52A39990}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{CA9C4BC1-FF46-4D19-BAB8-83C4D0C963F9}] => (Allow) C:\Program Files (x86)\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{87F9CF60-0397-4CE1-B6DB-7F16EA357DC9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{16CEB2CF-91E6-4993-9A7A-088ED33C4F7B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F645F6C9-BD6B-4A61-A800-242D2F4D9F31}C:\users\vev\pictures\desktop\anydesk.exe] => (Block) C:\users\vev\pictures\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{B42C6688-7521-4F68-9F36-13CFE85F78C8}C:\users\vev\pictures\desktop\anydesk.exe] => (Block) C:\users\vev\pictures\desktop\anydesk.exe => No File
FirewallRules: [{F3D9A7AB-8FC8-40F6-B865-9328C5B7642C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{22A86080-FF16-4821-9EAD-43B261D69AD9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{901EC7C6-D5DE-40DE-B2BB-9B57D902FAE3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4E176B58-A4EA-4303-9DC7-6F9F4DEB7B29}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F867BCC1-B711-4823-9BE8-7E9382BC0DB7}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B521DD54-A1CD-4179-B4D0-2394C083779D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F5455B53-C9C7-4910-9374-FDD1EFB5A6FF}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0F66FD9C-BE0B-4EDD-96DF-A8C73B306D61}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{78608577-25B4-487B-9591-AC3255C0C53C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E4704E14-0050-4B46-8E06-AE9937139CA9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7B149868-1BED-429B-82A6-CC32D2B7CB9C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EDD115BC-3CD2-44E1-B706-4392C84E5DBE}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{95E453D9-8047-4D52-BC7D-EFF3E1A732C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: pcouffin device ...
Description: pcouffin device ...
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2022 11:56:21 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error: (01/29/2022 10:22:07 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (1788) Pokus o otevření souboru C:\Users\vev\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (01/29/2022 09:57:45 AM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error: (01/28/2022 09:36:57 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error: (01/27/2022 09:08:33 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error: (01/26/2022 09:05:48 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Nepodařilo se získat správce oboru procházení. Chyba=0x8001010d.

Error: (01/25/2022 09:14:48 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Nelze určit, zda se zásobník nachází v oboru procházení (chyba=0x800706ba).

Error: (01/25/2022 09:14:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (01/30/2022 12:21:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/30/2022 12:17:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/30/2022 12:17:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/30/2022 12:17:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/30/2022 12:17:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/30/2022 12:16:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (01/30/2022 12:16:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (01/30/2022 12:14:04 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.


==================== Memory info ===========================

BIOS: American Megatrends Inc. K52F.210 08/30/2010
Motherboard: ASUSTeK Computer Inc. K52F
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 78%
Total physical RAM: 2924.57 MB
Available physical RAM: 631.04 MB
Total Virtual: 6312.34 MB
Available Virtual: 2743.18 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:42.66 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:329.79 GB) (Free:294.68 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 849C66B0)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329.8 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => -> No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FirewallRules: [TCP Query User{0B2FE04A-A191-4F98-B41E-D4368823F174}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
FirewallRules: [UDP Query User{42031A72-9BA0-4C08-A592-1A354B5E06F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2E9BEA59-5A7B-4CAF-8ED4-9F89999A3C73} - System32\Tasks\Opera scheduled Autoupdate 1528634260 => C:\Users\vev\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {32E29195-00AB-46F0-ACE5-995AF716AD3D} - System32\Tasks\{0F86AE1F-BAB6-4002-AD15-0E1E4006FA14} => C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe (No File)
Task: {90DB81AF-BF54-4D37-BA43-38B8ECD00320} - System32\Tasks\{B10294AB-ACF5-459F-AA32-1936119DA719} => C:\Program Files (x86)\Ahead\Nero StartSmart\NeroStartSmart.exe (No File)
Task: {BD64756A-BA3A-4595-9FDA-1FBAA68C4CF3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
C:\Windows\system32\Tasks\{2352ED13-CB22-4F67-8A0A-F8BAE8F77D22}
C:\Windows\system32\Tasks\{C7C4BDC8-FC51-48B9-B78D-867378D794D0}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\{C98D2361-5F6D-4EFF-80A8-34B065F26049}
C:\Windows\system32\Tasks\{CE372306-0048-4383-9E6A-18B913E979E9}
C:\Windows\system32\Tasks\{6191827E-D7C0-41BA-A66A-229546CEBBDF}
C:\Windows\system32\Tasks\{1A67A6CB-7C54-4832-B9C5-CA7151B1CD86}
C:\Windows\system32\Tasks\{B10294AB-ACF5-459F-AA32-1936119DA719}
C:\Windows\system32\Tasks\{C5A07AAB-88E1-43E9-84F0-07D9455475C8}
C:\Windows\system32\Tasks\{0F86AE1F-BAB6-4002-AD15-0E1E4006FA14}
C:\Windows\system32\Tasks\{B7F918E3-FC9A-439D-95AA-EE1AA7BC37EB}
C:\Users\vev\AppData\Local\{0896EA8B-49A8-4B6E-8B72-CD487BECDED9}
C:\Users\vev\AppData\Local\{D7A6F389-6203-423E-8387-FC08B9B207A7}
C:\Users\vev\AppData\Local\{FDD68CB9-6E59-4DE3-B062-676D74DD6E30}

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[vev]

Dobré odpoledne,
fixlist jsem uložila na plochu, ze které jsem spustila program frst. Po ukončení mi to zahlásilo, že je fix hotový. Objevila se hláška, že fixlog je uložen ve stejném adresáři, jako je frst. Poté to chtělo restart. Po restartu jsem hledala fixlog, ale nenašla jsem ho na ploše. Tak jsem hledala na disku C, kde mám složku FRST (ještě asi z minula) a tam nějaké logy jsou, ale žádný fixlog. Prosím, poradíte, kde bych fixlog mohla najít? Posílám print screen složky frst, kde jsou uložené logy...
Děkuji

[Rudy]

Fixlog musí být ve stejném adresáři jako mát samotný FRST, tj. v C:\Users\vev\Pictures\Desktop.

[vev]

Přidávám printscreen Vámi zmiňovaného umístění... nenašla jsem to... mám tedy provést fix znovu?
Přemýšlím, jestli nějak nevadí, že už jsem program frst měla kdysi asi nainstalovaný, nemůže to nějak haprovat v těch složkách a proto se mi tam nechce fixlog ukázat? Jsem z toho jelen.

[Rudy]

Nějdy se vyjímečně stane, že se fixlog nevytvoří. Asi nějaká chyba FRST. Dejte tedy nové logy FRST+Addition.

[vev]

Vkládám tedy nové logy FRST a děkuji za kontrolu.



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK Computer Inc. -> ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Boingo Wireless -> Boingo Wireless, Inc.) C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Comodo Security Solutions -> Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(CyberLink -> ) [File not signed] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(DATA TRANSFER OF NEVADA, LLC -> Sun Microsystems, Inc.) C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
(DATA TRANSFER OF NEVADA, LLC -> syncables, LLC) C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Piriform Ltd -> Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(SRS Labs, Inc -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] (Conexant Systems, Inc. -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Boingo Wi-Fi] => C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2429 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-08-12] () [File not signed]
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH -> Geek Software GmbH)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-04-05] (DATA TRANSFER OF NEVADA, LLC -> syncables, LLC)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [EPSON Stylus DX4400 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [18630056 2018-09-16] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2238446362-149773792-617086920-1000\Software\Policies\...\system: [DisableCMD] 0
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: {702f8e39-46ce-11e8-bd56-74f06db1599f} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2238446362-149773792-617086920-1000\...\MountPoints2: {7fed36bd-43c8-11eb-b06c-74f06db1599f} - F:\HiSuiteDownLoader.exe
HKLM\...\Print\Monitors\EPSON Stylus DX4400 Series 64MonitorBE: C:\Windows\system32\E_ILMCAE.DLL [129536 2006-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM\Software\...\Authentication\Credential Providers: [{2AD920F6-D745-4d8b-9526-619171C2CC4D}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{455BD3EC-20A5-44c3-8D77-396909825B5E}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-03-12] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{120495C2-9E38-48a2-A08B-C302F7487628}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-10-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2011-08-28]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk [2010-10-28]
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (SRS Labs, Inc -> Acresso Software Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CE47DD5-A5FF-436E-A16D-837DF8DF47C3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0D7767ED-0D20-459B-9CB1-FD876B5FEF41} - \{B7F918E3-FC9A-439D-95AA-EE1AA7BC37EB} -> No File <==== ATTENTION
Task: {0E4D74A3-54B9-4C6D-902A-BE9FF01DA2BE} - \{CE372306-0048-4383-9E6A-18B913E979E9} -> No File <==== ATTENTION
Task: {35A60BC9-713E-478B-99F1-FA7263A772EA} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {3883F2EE-AA07-4021-946C-3DF86F8FDE55} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {3A92FBF1-057B-4F4C-B627-257BF24A5B28} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {3C54595A-65AC-4A9A-B9AA-AF1517435D2B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720 2009-07-31] (ASUSTeK Computer Inc. -> ASUS)
Task: {4FB2C349-152F-4988-BC48-CE923FD7791E} - System32\Tasks\CCleaner Update => C:\Program Files (x86)\CCleaner\CCUpdate.exe [619416 2019-02-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5B322985-3AB9-4940-AC88-37E6597ACBA5} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [339072 2010-05-28] (ASUSTeK Computer Inc. -> ATK)
Task: {5F7B9762-9213-40D5-B3A8-F472DB0ADAD3} - \{6191827E-D7C0-41BA-A66A-229546CEBBDF} -> No File <==== ATTENTION
Task: {6930A105-696A-46C4-BCA6-5963EFCFC7A4} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {75EDC1C0-6034-4284-8F5B-DDE0758C0F3C} - \{1A67A6CB-7C54-4832-B9C5-CA7151B1CD86} -> No File <==== ATTENTION
Task: {7F402C2F-28D0-4B5F-9E9E-B982CA010CA5} - \{C98D2361-5F6D-4EFF-80A8-34B065F26049} -> No File <==== ATTENTION
Task: {801CD57E-3311-4E00-BB3F-62493FA34B99} - \{2352ED13-CB22-4F67-8A0A-F8BAE8F77D22} -> No File <==== ATTENTION
Task: {88E60535-550E-487B-B7E7-BF6D4B152963} - System32\Tasks\avastBCLRestartS-1-5-21-2238446362-149773792-617086920-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {8E1078B2-D7C5-47BA-B55E-38AE9F7F19CC} - \{C7C4BDC8-FC51-48B9-B78D-867378D794D0} -> No File <==== ATTENTION
Task: {95843E51-1AE1-4CE5-9BBE-6CA083595C76} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [13797712 2018-09-16] (Piriform Ltd -> Piriform Ltd)
Task: {9A4A1C6E-F420-441F-87CF-1F00486FEB7D} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [163384 2009-06-29] (ASUSTeK Computer Inc. -> ASUS)
Task: {B2189CBD-F585-494A-BC7C-A913416D67E4} - \{C5A07AAB-88E1-43E9-84F0-07D9455475C8} -> No File <==== ATTENTION
Task: {B6A23542-D7C8-40C0-98BC-74A6DC1A39BA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-20] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{1D0E1FEC-1D2D-431B-96C4-8C4903F74E79}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{49A5CF24-CAF7-482B-B1E1-E76E49B50515}: [NameServer] 10.255.255.10,10.255.255.20
Tcpip\..\Interfaces\{49A5CF24-CAF7-482B-B1E1-E76E49B50515}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\vev\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-27]

FireFox:
========
FF DefaultProfile: sgaow1n5.default-1377703720272
FF ProfilePath: C:\Users\vev\AppData\Roaming\Mozilla\Firefox\Profiles\sgaow1n5.default-1377703720272 [2022-01-30]
FF DownloadDir: C:\Users\vev\Desktop
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default [2022-01-30]
CHR DownloadDir: C:\Users\vev\Desktop
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Dokumenty) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-10-27]
CHR Extension: (Gmail) - C:\Users\vev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR HKU\S-1-5-21-2238446362-149773792-617086920-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2238446362-149773792-617086920-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-30] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-06] (CyberLink -> ) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36784 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [223176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [369216 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [252992 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [100416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42416 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [186280 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [540056 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108912 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83976 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [853800 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [545176 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215432 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318760 2021-12-20] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2753536 2011-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [129024 2010-07-21] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)


==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-30 17:17 - 2017-12-06 19:00 - 000000000 ____D C:\FRST
2022-01-30 16:51 - 2010-10-28 09:50 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-30 15:46 - 2009-07-14 05:45 - 000022592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-01-30 15:46 - 2009-07-14 05:45 - 000022592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-01-30 15:41 - 2015-01-23 19:20 - 000000000 ____D C:\Users\vev\AppData\Local\Apps\2.0
2022-01-30 15:37 - 2011-08-28 16:42 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-30 15:37 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-30 15:29 - 2015-12-03 18:51 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2022-01-30 12:14 - 2009-08-03 21:00 - 000681562 _____ C:\Windows\system32\perfh005.dat
2022-01-30 12:14 - 2009-08-03 21:00 - 000145976 _____ C:\Windows\system32\perfc005.dat
2022-01-30 12:14 - 2009-07-14 06:13 - 001610364 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-30 12:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-01-29 12:21 - 2011-08-28 15:14 - 000000000 ____D C:\Users\vev
2022-01-29 12:12 - 2020-07-08 15:57 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-29 12:12 - 2020-07-08 15:57 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-29 12:12 - 2018-03-29 07:49 - 000004140 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-01-29 12:12 - 2016-01-04 23:07 - 000003094 _____ C:\Windows\system32\Tasks\P4G Sidebar
2022-01-29 12:12 - 2012-08-09 14:48 - 000002780 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2022-01-29 12:12 - 2010-10-28 10:14 - 000002872 _____ C:\Windows\system32\Tasks\ASPG
2022-01-29 12:12 - 2010-10-28 10:13 - 000002986 _____ C:\Windows\system32\Tasks\ASUS SmartLogon Console Sensor
2022-01-29 12:12 - 2010-10-28 10:11 - 000003040 _____ C:\Windows\system32\Tasks\ASUS P4G
2022-01-29 12:12 - 2010-10-28 10:10 - 000002988 _____ C:\Windows\system32\Tasks\ATKOSD2
2022-01-28 21:54 - 2015-02-03 14:52 - 000113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2022-01-27 21:25 - 2016-06-23 19:58 - 000000000 ____D C:\Program Files\trend micro
2022-01-25 21:28 - 2013-08-30 12:49 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 21:28 - 2013-08-30 12:49 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-23 18:14 - 2018-06-10 12:55 - 000000000 ____D C:\Users\vev\AppData\Local\ElevatedDiagnostics
2022-01-15 17:03 - 2013-08-01 18:52 - 000000000 ____D C:\Windows\system32\MRT
2022-01-15 16:56 - 2011-09-01 18:36 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-15 15:56 - 2011-08-30 17:49 - 000000000 ____D C:\Program Files (x86)\Webteh
2022-01-15 15:30 - 2013-11-17 22:35 - 000000000 ____D C:\Program Files (x86)\PDF Architect
2022-01-15 15:11 - 2011-10-19 20:19 - 000000000 ____D C:\Windows\system32\Macromed
2022-01-15 15:11 - 2010-10-28 09:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2022-01-02 15:27 - 2017-03-12 15:02 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update

==================== Files in the root of some directories ========

2007-06-12 17:34 - 2007-06-12 17:34 - 000035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2012-05-12 12:18 - 2012-05-12 12:18 - 000099384 _____ () C:\Users\vev\AppData\Roaming\inst.exe
2012-05-12 12:18 - 2012-05-12 12:18 - 000007859 _____ () C:\Users\vev\AppData\Roaming\pcouffin.cat
2012-05-12 12:18 - 2012-05-12 12:18 - 000001167 _____ () C:\Users\vev\AppData\Roaming\pcouffin.inf
2012-05-12 12:18 - 2012-05-12 12:18 - 000000074 _____ () C:\Users\vev\AppData\Roaming\pcouffin.log
2012-05-12 12:18 - 2012-05-12 12:18 - 000082816 _____ (VSO Software) C:\Users\vev\AppData\Roaming\pcouffin.sys
2013-08-26 12:39 - 2013-08-26 12:39 - 000033193 _____ () C:\Users\vev\AppData\Roaming\UserTile.png

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-01-30 13:36
==================== End of FRST.txt ========================

[vev]

A Addition



==================== Memory info ===========================

BIOS: American Megatrends Inc. K52F.210 08/30/2010
Motherboard: ASUSTeK Computer Inc. K52F
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 91%
Total physical RAM: 2924.57 MB
Available physical RAM: 242.75 MB
Total Virtual: 5847.28 MB
Available Virtual: 2408.12 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:42.45 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:329.79 GB) (Free:294.68 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 849C66B0)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=1C)
Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=329.8 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

[Rudy]

Log Addition sice není kompletní, nicméně konstatuji, že vše bylo smazáno.

[vev]

Zdál se mi nějaký krátký... OK, dobře, takže hotovo... Mockrát děkuji.

[Rudy]

Pro tuto kontrolu (když není fixlog), FRST postačí. Rádo se stalo!