Prosím o kontrolu

Zpráva

mlzd · #1 Příspěvek od **mlzd** » 11 úno 2022 15:57

Prosím o preventivku. Ale zdá se mi, že na pozadí často maká něco nežádoucího, co zpomaluje.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by wow (administrator) on DESKTOP-89RL4UG (LENOVO 90F1001ECK) (11-02-2022 15:47:53)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALTAP, spol. s r.o. -> ALTAP) C:\Program Files (x86)\Altap Salamander\salamand.exe
(ALTAP, spol. s r.o. -> ALTAP) C:\Program Files (x86)\Altap Salamander\utils\salmon.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe <7>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(LITEON) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skdh8821.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\igfxTray.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => "D:\Photo Studio 17\Program32\ZPSTRAY.EXE" (No File)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-09] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\97.1.13818.100\Installer\chrmstp.exe [2022-01-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6782.183\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0477F3B5-7BD9-4915-B799-5733351AD00A} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {0B027715-E8F3-471C-8E12-38A46BB1B152} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {1CE85176-70E3-447E-9490-C344448D993F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {1F384BCA-F7BC-4900-8EC0-5EFF9A6E64A2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2552432 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {24B58E4E-49C8-4ABE-B1B3-3FF66E1F0832} - System32\Tasks\CCleanerSkipUAC - wow => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {332BEADE-FA59-4DE0-A8AE-703E098EF9EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {3604CD51-66DB-41D2-BE66-177777A8D7EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {376BF646-AAB3-4006-BEF8-63BEFDC4FF3A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2552432 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
Task: {3CA42C64-BB1B-4A4F-910E-D797E5FEBC39} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {4419F48C-F12E-42E2-86CD-52897B9729C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {5700A2BE-63E1-4949-89FC-8A1300D03DCE} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC - wow" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-3829197068-2955107618-1151059083-1001" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\RtHDVBg_LENOVO_MICPKEY" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {854E1F45-B284-4A7F-87E9-1437C8008809} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8BC575E8-82EE-4E09-8D14-39E117C43942} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {93DEB2A7-22B6-4831-B211-053B472111FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {A8440C5E-8D72-4D08-9A8C-9B1E29F496E5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {B2940D65-C518-40F4-A879-CE4A2C35D1B1} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-10] (HP Inc. -> HP Inc.)
Task: {BD2AD8B0-6364-49E3-825E-D4C5F297634B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
Task: {BFF500AA-A1F8-4461-8B39-991B0538D9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {D32679CA-202F-495E-BDC5-25DA16392DDA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
Task: {D921ED68-211B-4E87-8CD1-D966195A8B45} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F27BA4E7-FD8E-47A2-A253-05B554EDC65B} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\wow\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-10]
Edge StartupUrls: Default -> "hxxps://www.chess.com/club/czechoslovakia-team"

FireFox:
========
FF DefaultProfile: py09br4x.default-1604058508666
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 [2022-02-11]
FF Homepage: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\py09br4x.default-1604058508666 -> hxxps://www.pinterest.ca; hxxps://www.youtube.com
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-27] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2022-02-10]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-30]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\97.1.13818.100\elevation_service.exe [1798360 2022-01-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-10] (HP Inc. -> HP Inc.)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-11 15:47 - 2022-02-11 15:49 - 000023738 _____ C:\Users\wow\Desktop\FRST.txt
2022-02-11 15:47 - 2022-02-11 15:47 - 000000000 ___HD C:\Users\wow\Documents\.tmp.driveupload
2022-02-11 14:16 - 2022-02-11 10:51 - 002311680 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2022-02-11 13:32 - 2022-02-11 13:32 - 000000000 ___HD C:\$WinREAgent
2022-02-11 13:31 - 2022-02-11 13:31 - 000000000 ____D C:\Program Files\Malwarebytes
2022-02-11 10:53 - 2022-02-11 15:48 - 000000000 ____D C:\FRST
2022-02-10 11:24 - 2022-02-11 14:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-10 09:16 - 2022-02-10 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-02-08 11:45 - 2022-02-08 11:45 - 002376962 _____ C:\Users\wow\Downloads\Swerling Beverly - Mesto slavy.mobi
2022-01-27 16:48 - 2022-01-27 16:48 - 000132119 _____ C:\Users\wow\Downloads\pojisteni_vkladu_2021.pdf
2022-01-27 16:41 - 2022-01-27 16:41 - 000973954 _____ C:\Users\wow\Downloads\ČSPS - Výpis - Doplňkové penzijní spoření 1.pdf
2022-01-14 13:19 - 2022-01-14 13:19 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 13:19 - 2022-01-14 13:19 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 13:19 - 2022-01-14 13:19 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-11 15:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-11 14:47 - 2021-12-14 09:56 - 000003126 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2022-02-11 14:47 - 2021-08-20 10:18 - 000002310 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - wow
2022-02-11 14:47 - 2021-08-18 10:01 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-02-11 14:47 - 2021-07-17 07:34 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-11 14:47 - 2021-07-17 07:34 - 000003238 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-11 14:47 - 2021-05-17 11:09 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-11 14:47 - 2021-05-17 11:09 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-11 14:47 - 2020-08-27 11:22 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-11 14:47 - 2020-08-27 11:22 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2022-02-11 14:47 - 2020-08-27 11:22 - 000002396 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2022-02-11 14:47 - 2020-08-27 11:22 - 000002340 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2022-02-11 14:47 - 2020-08-27 11:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-02-11 14:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-11 14:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-11 14:31 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-11 14:19 - 2017-05-04 18:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2022-02-11 14:16 - 2017-05-04 21:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-11 14:15 - 2017-10-08 12:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2022-02-11 14:14 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-02-11 13:31 - 2017-05-03 21:34 - 000000000 ____D C:\Program Files\CCleaner
2022-02-11 13:30 - 2021-09-14 20:38 - 000000297 _____ C:\Users\wow\Disk Google.lnk
2022-02-11 13:30 - 2020-08-27 11:04 - 000000000 ____D C:\Users\wow
2022-02-11 13:30 - 2018-02-20 19:31 - 000000000 ___RD C:\Users\wow\Documents\Scanned Documents
2022-02-11 13:30 - 2018-02-20 19:31 - 000000000 ___RD C:\Users\wow\Documents\Fax
2022-02-11 13:30 - 2017-12-08 14:29 - 000000000 ___RD C:\Users\wow\Documents\OnScreen Control
2022-02-11 13:30 - 2017-06-08 10:11 - 000000000 ___RD C:\Users\wow\Documents\FeedbackHub
2022-02-11 13:30 - 2017-05-04 19:02 - 000000000 ___RD C:\Users\wow\Documents\ChessBase
2022-02-11 13:30 - 2017-05-03 21:51 - 000000000 ___RD C:\Users\wow\Documents\ZPS14
2022-02-11 13:29 - 2017-05-04 08:35 - 000000000 ____D C:\ProgramData\AVAST Software
2022-02-11 13:28 - 2020-10-19 09:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-02-11 13:28 - 2020-08-27 11:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-11 13:28 - 2020-08-27 11:00 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-11 13:28 - 2017-05-04 07:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2022-02-11 11:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-11 10:40 - 2017-05-04 10:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 10:34 - 2017-05-04 10:23 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-10 16:17 - 2021-10-09 10:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-02-10 16:17 - 2020-08-27 11:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-02-10 16:13 - 2017-05-04 18:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-10 11:24 - 2019-02-06 09:50 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-10 11:24 - 2017-05-04 18:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-02-09 10:44 - 2017-05-04 10:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-09 10:44 - 2017-05-04 10:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-02-08 11:24 - 2020-08-27 11:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-08 03:08 - 2021-09-14 20:19 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-02-08 03:08 - 2021-09-14 20:19 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-02-08 03:08 - 2021-09-14 20:19 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-02-08 03:08 - 2021-09-14 20:19 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-02-06 13:56 - 2017-10-18 17:44 - 000001060 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2022-02-06 13:56 - 2017-05-04 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2022-02-06 13:56 - 2017-05-04 19:54 - 000000000 ____D C:\Program Files\Calibre2
2022-02-05 10:35 - 2021-05-17 11:10 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-05 10:35 - 2021-05-17 11:10 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-02-05 00:09 - 2017-09-14 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2022-01-27 16:42 - 2018-07-08 16:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-01-27 16:42 - 2018-07-08 16:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-01-27 16:35 - 2020-08-27 11:04 - 000002382 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 12:40 - 2017-11-30 17:55 - 000000000 ____D C:\Users\wow\AppData\Local\Packages
2022-01-17 12:50 - 2017-05-04 19:01 - 000000000 ____D C:\Users\wow\AppData\Local\CrashDumps
2022-01-16 18:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-16 16:52 - 2020-08-27 20:33 - 000716748 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-16 16:52 - 2020-08-27 20:33 - 000144946 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-16 16:52 - 2020-08-27 11:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-16 16:45 - 2020-08-27 11:00 - 000470464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 13:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-13 10:03 - 2021-12-06 10:13 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk

==================== Files in the root of some directories ========

2021-03-06 16:24 - 2021-03-06 16:24 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2021-10-15 10:12 - 2021-10-15 10:12 - 000000017 _____ () C:\Users\wow\AppData\Local\resmon.resmoncfg
2021-06-13 12:18 - 2021-06-13 12:18 - 000000000 _____ () C:\Users\wow\AppData\Local\{D776AA14-D752-4F04-BED3-8CE7F067DD8B}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by wow (11-02-2022 15:50:52)
Running from C:\Users\wow\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 97.1.13818.100 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{B7D1DB66-A0AE-47DA-9A01-3F51CD62897D}) (Version: 5.36.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 55.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.57 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.57 - Irfan Skiljan)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.43 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0 (x64 cs)) (Version: 97.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-01-27] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\55.0.3.0\drivefsext.dll [2022-01-25] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-28] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-05-04 07:54 - 2014-08-29 21:37 - 000257024 _____ () [File not signed] C:\Program Files (x86)\Altap Salamander\lang\czech.slg
2017-05-04 07:54 - 2014-08-28 10:12 - 000614400 _____ (ALTAP) [File not signed] C:\Program Files (x86)\Altap Salamander\SALRTL9.DLL
2009-04-07 18:16 - 2009-04-07 18:16 - 000061440 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skhooks.dll
2020-08-27 11:07 - 2020-08-27 11:07 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2021-11-18 13:14 - 000000052 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 account.zoner.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{AE11DEAE-66CF-4EE6-AFE3-8FEADAB5289C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CB2F99ED-8A52-4660-89E0-BA3A804F5531}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F79E1383-2879-4D0A-8F9C-77A9ED1A6AE1}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{99402519-7677-47FA-94B3-A5C1FF9972D2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8D8C7E9A-6B2A-4309-BB93-19A688F81C52}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A73589B0-0E93-4C48-BC8B-D7CC23463980}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{ABAE4134-5AEA-476B-AFA3-067D46790231}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{363012F1-47D0-49F8-989E-D0A0DC515A79}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D93213A-EA93-421E-A7D4-11FAC23586DB}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{36D1B11F-E643-4A20-9C99-7B7DEBAD0D0A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3C4CE453-874E-4BDA-B0A7-AA8BBAEBFC20}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2DFABA8C-4BD8-4C3D-8DD7-286289863EF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-11-2021 10:14:11 Windows Modules Installer
12-11-2021 10:18:52 Windows Modules Installer
12-11-2021 10:42:57 Windows Modules Installer
17-12-2021 10:38:58 Windows Modules Installer
17-12-2021 10:59:41 Windows Modules Installer
13-01-2022 09:53:26 Windows Modules Installer
14-01-2022 12:52:53 Windows Modules Installer
11-02-2022 10:31:00 Windows Modules Installer
11-02-2022 10:40:38 Windows Modules Installer
11-02-2022 13:32:18 Windows Modules Installer

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/11/2022 02:14:17 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (02/11/2022 01:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1466, časové razítko: 0xc79f51a9
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b662
ID chybujícího procesu: 0x1130
Čas spuštění chybující aplikace: 0x01d81f42daf15d78
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 019c2105-215d-4e7c-8a70-1d0ea0956776
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/11/2022 01:28:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (02/11/2022 11:06:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (02/11/2022 11:06:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (02/11/2022 10:56:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 5.2.2022.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2fe0

Čas spuštění: 01d81f2d295c0b83

Čas ukončení: 60000

Cesta k aplikaci: D:\Programy\safety\FRST64.exe

ID hlášení: 64279cc0-48f9-4aeb-a90e-ed72270fdf67

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (02/11/2022 10:27:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1466, časové razítko: 0xc79f51a9
Kód výjimky: 0xe0434352
Posun chyby: 0x0012b662
ID chybujícího procesu: 0xe5c
Čas spuštění chybující aplikace: 0x01d81f29895ba75c
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 2dd8b837-af5c-4ea2-8205-9f02935def8b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/11/2022 10:27:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

System errors:
=============
Error: (02/11/2022 01:28:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/11/2022 01:28:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (02/11/2022 11:06:55 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AppXSvc bylo dosaženo časového limitu (30000 ms).

Error: (02/11/2022 11:06:24 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (02/11/2022 10:57:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server Microsoft.ZuneVideo_10.21111.10511.0_x64__8wekyb3d8bbwe!Microsoft.ZuneVideo.AppXjgy0dfr6tssa93yj5px65cbv2gsc8r39.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/11/2022 10:27:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/11/2022 10:27:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (02/10/2022 04:14:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

CodeIntegrity:
===============
Date: 2022-02-11 14:42:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-02-11 14:29:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-02-11 14:14:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 77%
Total physical RAM: 4005.27 MB
Available physical RAM: 907.52 MB
Total Virtual: 6532.09 MB
Available Virtual: 2207.75 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:306.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:399.45 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:11.35 GB) FAT32
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:25.99 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 12 úno 2022 16:23

Zdravím!
Spousťte tuto utilitu:

lozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

mlzd · #3 Příspěvek od **mlzd** » 13 úno 2022 10:10

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-13-2022
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1950 octets] - [15/10/2020 11:56:14]
AdwCleaner[C00].txt - [2028 octets] - [15/10/2020 11:57:01]
AdwCleaner[S01].txt - [1528 octets] - [20/10/2020 22:55:22]
AdwCleaner[S02].txt - [1589 octets] - [01/11/2020 09:46:33]
AdwCleaner[S03].txt - [1650 octets] - [01/11/2020 09:47:41]
AdwCleaner[S04].txt - [1711 octets] - [01/11/2020 09:48:19]
AdwCleaner[S05].txt - [1772 octets] - [15/01/2021 12:09:59]
AdwCleaner[S06].txt - [1833 octets] - [15/01/2021 12:11:51]
AdwCleaner[S07].txt - [1893 octets] - [15/02/2021 14:01:22]
AdwCleaner[S08].txt - [1955 octets] - [15/04/2021 09:14:54]
AdwCleaner[S09].txt - [2016 octets] - [15/04/2021 09:16:04]
AdwCleaner[S10].txt - [2077 octets] - [19/05/2021 11:08:25]
AdwCleaner[S11].txt - [2138 octets] - [19/05/2021 11:09:37]
AdwCleaner[S12].txt - [2199 octets] - [19/05/2021 11:11:19]
AdwCleaner[S13].txt - [2260 octets] - [19/05/2021 11:11:58]
AdwCleaner[S14].txt - [2321 octets] - [13/06/2021 13:31:41]
AdwCleaner[S15].txt - [2382 octets] - [12/09/2021 13:16:54]
AdwCleaner[S16].txt - [2443 octets] - [12/09/2021 13:18:24]
AdwCleaner[S17].txt - [2504 octets] - [17/11/2021 11:33:05]
AdwCleaner[S18].txt - [2565 octets] - [17/11/2021 11:33:21]
AdwCleaner[C18].txt - [2755 octets] - [17/11/2021 11:33:50]
AdwCleaner[S19].txt - [2687 octets] - [18/11/2021 11:34:09]
AdwCleaner[S20].txt - [2748 octets] - [05/02/2022 00:14:40]
AdwCleaner[S21].txt - [2809 octets] - [05/02/2022 00:15:18]
AdwCleaner[S22].txt - [2870 octets] - [13/02/2022 10:07:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C22].txt ##########

#4 Příspěvek od **Rudy** » 13 úno 2022 11:21

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => "D:\Photo Studio 17\Program32\ZPSTRAY.EXE" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4419F48C-F12E-42E2-86CD-52897B9729C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {93DEB2A7-22B6-4831-B211-053B472111FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\wow\AppData\Local\{D776AA14-D752-4F04-BED3-8CE7F067DD8B}

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

mlzd · #5 Příspěvek od **mlzd** » 13 úno 2022 16:04

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by wow (13-02-2022 15:57:16) Run:1
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => "D:\Photo Studio 17\Program32\ZPSTRAY.EXE" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4419F48C-F12E-42E2-86CD-52897B9729C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {93DEB2A7-22B6-4831-B211-053B472111FE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\wow\AppData\Local\{D776AA14-D752-4F04-BED3-8CE7F067DD8B}

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c238881e-3093-11e7-9bcb-b8aeed9e8c33} => removed successfully
"HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4419F48C-F12E-42E2-86CD-52897B9729C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4419F48C-F12E-42E2-86CD-52897B9729C3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{93DEB2A7-22B6-4831-B211-053B472111FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93DEB2A7-22B6-4831-B211-053B472111FE}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\wow\AppData\Local\{D776AA14-D752-4F04-BED3-8CE7F067DD8B} => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10585654 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 48939 B
Edge => 0 B
Chrome => 191466 B
Firefox => 89589133 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 639468 B
NetworkService => 639468 B
wow => 1941158 B

RecycleBin => 772182 B
EmptyTemp: => 100.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 15:57:59 ====

#6 Příspěvek od **Rudy** » 13 úno 2022 16:36

Smazáno. Nastala nějaká změna?

mlzd · #7 Příspěvek od **mlzd** » 14 úno 2022 10:26

Určitě znatelná změna k lepšímu.
Po zapnutí se PC mnohem dřív "zklidní", rychleji reaguje... Myslím, že jsem spokojen a moc díky!! Zdenek.

#8 Příspěvek od **Rudy** » 14 úno 2022 14:09

Rádo se stalo!

VIRY.CZ

Prosím o kontrolu

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu