
Log check, please - slow loading


#1 Post by mlzd »

Hello! It probably doesn't have to be a virus, but lately my PC has been slowly loading something in the background and using quite a lot of CPU. Thank you in advance for checking the log and for any advice. Zdenek

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by wow (administrator) on DESKTOP-89RL4UG (LENOVO 90F1001ECK) (14-10-2020 12:48:48)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Platform: Windows 10 Home Version 2004 19041.508 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe [2020-10-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\Installer\chrmstp.exe [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B027715-E8F3-471C-8E12-38A46BB1B152} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {1F384BCA-F7BC-4900-8EC0-5EFF9A6E64A2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {2B37EC79-DC0B-40B9-BFB7-2868DF6E9C49} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {332BEADE-FA59-4DE0-A8AE-703E098EF9EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {3604CD51-66DB-41D2-BE66-177777A8D7EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {376BF646-AAB3-4006-BEF8-63BEFDC4FF3A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {3CA42C64-BB1B-4A4F-910E-D797E5FEBC39} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5853D4A8-F101-4BD6-8222-1D11E87D930D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5FACED1A-309F-4D22-AB86-B4A1F8455210} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {682FA09C-6ECB-4EC5-AF92-A8247A922FD3} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {68D983E9-833D-4429-882D-2110821B6919} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6910D012-B236-413F-91E3-E3E7F31B80B1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6950C17C-B842-4F7D-9124-7E02A3B2EAFB} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8099E23A-872C-4308-94AB-E51546340684} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {80E825D2-0663-4575-97D1-B7C2950BD93B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {BFF500AA-A1F8-4461-8B39-991B0538D9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {C2410997-5690-4741-8B79-B0B53E96DF62} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-10-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {D32679CA-202F-495E-BDC5-25DA16392DDA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {D921ED68-211B-4E87-8CD1-D966195A8B45} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {DAB66E47-0302-4E9D-8B6D-AD33F73694F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
Task: {E8961676-42B6-4068-BE5D-4C9690304F05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {F5739B75-3C77-4231-BDC8-A478EB653E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\wow\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-12]
Edge StartupUrls: Default -> "hxxps://www.chess.com/club/czechoslovakia-team"

FireFox:
========
FF DefaultProfile: sex1ek5a.default
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default [2020-10-14]
FF Homepage: Mozilla\Firefox\Profiles\sex1ek5a.default -> hxxps://www.seznam.cz/
FF Extension: (No Name) - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2020-10-13]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-04]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-09]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\elevation_service.exe [1080640 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [217592 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-14 12:48 - 2020-10-14 12:50 - 000020573 _____ C:\Users\wow\Desktop\FRST.txt
2020-10-14 12:47 - 2020-10-14 12:49 - 000000000 ____D C:\FRST
2020-10-14 12:46 - 2020-10-14 12:46 - 002299392 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2020-10-13 23:51 - 2020-10-13 23:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-10-13 23:51 - 2020-10-13 23:51 - 000217592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-10-13 23:51 - 2020-10-13 23:51 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-13 23:51 - 2020-10-13 23:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-10-12 18:40 - 2020-10-12 18:40 - 000135670 _____ C:\Users\wow\Downloads\Vypis_z_uctu_0-165905043_z_20200930.pdf
2020-10-09 19:13 - 2020-10-09 19:14 - 000000000 ____D C:\Users\wow\AppData\Local\FreemakeVideoConverter
2020-10-09 19:12 - 2020-10-09 19:23 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-10-09 19:12 - 2020-10-09 19:13 - 000000000 ____D C:\ProgramData\Freemake
2020-10-09 19:05 - 2020-10-09 19:05 - 000000000 ____D C:\Users\wow\.fontconfig
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\Movavi
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\CrashRpt
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\ConverterAgent
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\converter
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\ProgramData\movavi
2020-10-09 19:03 - 2020-10-09 19:09 - 000000000 ____D C:\Users\wow\AppData\Roaming\Movavi Video Converter 20 Premium
2020-10-09 19:03 - 2020-10-09 19:03 - 000005030 _____ C:\ProgramData\ziwxpjps.faw
2020-10-09 19:03 - 2020-10-09 19:03 - 000000016 _____ C:\ProgramData\mntemp
2020-10-09 18:28 - 2020-10-09 18:28 - 000000000 ____D C:\Users\wow\AppData\Roaming\dvdcss
2020-10-09 18:26 - 2020-10-09 18:26 - 000000000 ____D C:\Users\wow\AppData\Local\Blu-ray Master
2020-10-05 12:52 - 2020-10-05 12:53 - 000000000 ____D C:\Users\wow\Downloads\film
2020-10-02 10:12 - 2020-10-02 10:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-02 00:24 - 2020-10-14 12:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-09-22 14:58 - 2020-09-22 14:57 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-22 14:58 - 2020-09-22 14:57 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-09-22 14:58 - 2020-09-22 14:57 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-14 12:45 - 2020-08-27 12:22 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AFE96C0B-29CD-44E2-AC4A-5583F4CD3869}
2020-10-14 12:40 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-14 12:40 - 2017-10-08 13:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2020-10-14 12:37 - 2018-05-19 08:46 - 000000000 ___HD C:\Users\wow\Documents\.tmp.drivedownload
2020-10-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-14 12:10 - 2017-05-04 19:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2020-10-14 12:08 - 2017-05-04 22:08 - 000000000 ___RD C:\Users\wow\Disk Google
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-13 23:50 - 2020-02-16 11:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-10-13 23:40 - 2019-10-03 10:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-13 23:40 - 2019-10-03 10:00 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-13 23:39 - 2020-08-27 12:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-13 23:39 - 2020-08-27 12:22 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-13 23:38 - 2020-08-27 12:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-10-12 13:03 - 2020-08-27 12:22 - 000003752 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-10-12 13:03 - 2020-08-27 12:22 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-12 13:03 - 2020-08-27 12:22 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-12 13:03 - 2020-08-27 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-10-12 13:03 - 2020-08-27 12:22 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-12 13:03 - 2020-08-27 12:22 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2020-10-12 13:03 - 2020-08-27 12:22 - 000002770 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow
2020-10-12 13:03 - 2020-08-27 12:22 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-10-12 13:03 - 2020-08-27 12:22 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2020-10-12 13:03 - 2020-08-27 12:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-10-12 13:03 - 2020-08-27 12:22 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-10-12 13:03 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-10-12 10:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-10 10:40 - 2020-06-10 15:17 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-10 10:40 - 2020-06-10 15:17 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-10 10:40 - 2020-06-10 15:17 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-10 10:20 - 2017-12-03 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-10-10 10:20 - 2017-05-04 08:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2020-10-09 19:05 - 2020-08-27 12:04 - 000000000 ____D C:\Users\wow
2020-10-09 19:05 - 2020-02-16 11:31 - 000000000 ____D C:\Users\wow\AppData\Local\cache
2020-10-08 22:35 - 2020-08-27 12:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-08 22:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2020-10-08 21:21 - 2017-05-04 11:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-05 10:55 - 2017-10-18 18:44 - 000001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-10-05 10:55 - 2017-10-18 18:44 - 000001006 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-10-05 10:55 - 2017-05-04 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-10-05 10:55 - 2017-05-04 20:54 - 000000000 ____D C:\Program Files\Calibre2
2020-10-02 10:12 - 2017-05-04 19:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-26 13:24 - 2017-05-04 20:01 - 000000000 ____D C:\Users\wow\AppData\Local\CrashDumps
2020-09-25 16:32 - 2018-01-05 23:27 - 000000000 ____D C:\Program Files (x86)\HappyFoto DESIGNER
2020-09-25 10:46 - 2020-08-24 12:07 - 000000000 ____D C:\Users\wow\AppData\Local\ElevatedDiagnostics
2020-09-25 09:32 - 2017-05-05 13:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-09-24 10:19 - 2020-04-02 12:56 - 000517592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-24 09:22 - 2017-09-14 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-23 09:54 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-23 09:52 - 2017-05-04 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-22 21:03 - 2017-05-04 09:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-22 15:20 - 2020-08-27 21:33 - 000716586 _____ C:\WINDOWS\system32\perfh005.dat
2020-09-22 15:20 - 2020-08-27 21:33 - 000144784 _____ C:\WINDOWS\system32\perfc005.dat
2020-09-22 15:20 - 2020-08-27 12:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-09-22 15:13 - 2020-08-27 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-22 15:13 - 2020-08-27 12:00 - 000008192 ___SH C:\DumpStack.log.tmp
2020-09-22 15:12 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-09-22 14:59 - 2020-04-02 12:56 - 000517080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys.160093558248401
2020-09-22 14:59 - 2017-11-30 18:27 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-22 14:57 - 2019-01-27 00:23 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-22 14:57 - 2018-10-12 12:10 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-22 09:41 - 2018-07-08 17:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-09-22 09:37 - 2017-05-04 11:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-22 09:31 - 2017-05-04 11:23 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2017-05-04 08:56 - 2017-05-04 09:20 - 000000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2018-05-19 09:31 - 2019-05-01 21:33 - 000003584 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-13 17:28 - 2018-10-13 17:28 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2017-05-08 20:42 - 2017-11-30 12:50 - 000007605 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by wow (14-10-2020 12:53:28)
Running from C:\Users\wow\Desktop
Windows 10 Home Version 2004 19041.508 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5814.102 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{E1931DC1-CC9E-4D15-8ACF-B6BF2FD62CC5}) (Version: 5.1.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 81.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.1 (x64 cs)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Shredder 12 (HKLM-x32\...\{631D1741-E5F6-433B-A0BF-5216DC1D846D}) (Version: 12.0.0 - ChessBase) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-09-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-14 12:05 - 2020-10-14 12:05 - 000114176 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_ctypes.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000172544 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_elementtree.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 002250240 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_hashlib.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000032256 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_multiprocessing.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000046080 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_psutil_windows.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000047616 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_socket.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 002819584 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_ssl.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000026112 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\_yappi.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000080896 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\bz2.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000016384 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\common.time34.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000007680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\hashobjs_ext.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000301568 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\PIL._imaging.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000168448 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\pyexpat.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 001084416 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\pysqlite2._sqlite.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000548864 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\pythoncom27.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 000137728 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\pywintypes27.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 000010752 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\select.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000020992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\thumbnails_ext.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000689664 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\unicodedata.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000119808 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\usb_ext.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000128512 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32api.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000438784 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32com.shell.shell.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000011776 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32crypt.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000023040 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32event.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000149504 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32file.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000223232 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32gui.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000048128 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32inet.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000029696 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32pdh.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000027648 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32pipe.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000044032 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32process.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32profile.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000136192 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32security.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000026624 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\win32ts.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000034816 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\windows.conditional.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000038400 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\windows.connectivity.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000071680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\windows.device_monitor.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000109056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\windows.volumes.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\windows.winwrap.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 001325056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._controls_.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 001489408 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._core_.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 001007104 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._gdi_.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000103424 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._html2.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 000916992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._misc_.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 001039872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wx._windows_.pyd
2020-10-14 12:05 - 2020-10-14 12:05 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\python27.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxbase30u_net_vc90_x64.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxbase30u_vc90_x64.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxmsw30u_adv_vc90_x64.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxmsw30u_core_vc90_x64.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxmsw30u_html_vc90_x64.dll
2020-10-14 12:05 - 2020-10-14 12:05 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI15842\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-12-16 12:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44FBBCFC-AF47-4FD2-BDAB-6DF495E8236B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BA9B3BA2-B930-4FBC-A7DD-460C77B1F820}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0FC65B2B-5529-4994-B28C-2A5E15C79F74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-09-2020 10:09:02 Windows Modules Installer
07-10-2020 11:17:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/10/2020 10:49:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ChessProgram12.exe verze 12.0.0.7 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2460

Čas spuštění: 01d69ee154d2aa30

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe

ID hlášení: 52742780-e05b-47d1-bcfa-a6b0e82e2f27

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (10/09/2020 07:23:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x42f14898
Kód výjimky: 0xe0434352
Posun chyby: 0x00129962
ID chybujícího procesu: 0x468
Čas spuštění chybující aplikace: 0x01d69e60f1175c58
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 72912162-191d-49d1-87e9-5aa43e5f53d8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/09/2020 07:23:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (10/08/2020 09:44:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HappyFoto-Designer.exe verze 5.6.13.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2ecc

Čas spuštění: 01d69dab2884895b

Čas ukončení: 97

Cesta k aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe

ID hlášení: f4e2cc6a-f8de-4de4-8bcc-9d0170a06bd5

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/05/2020 12:46:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na Back (D:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (09/26/2020 04:37:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HappyFoto-Designer.exe verze 5.6.13.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 227c

Čas spuštění: 01d6941263e71151

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe

ID hlášení: 1370020e-5e4f-4c14-be40-c1c7d2c72834

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (09/26/2020 04:36:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HappyFoto-Designer.exe verze 5.6.13.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 21e8

Čas spuštění: 01d69411f0dccda3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe

ID hlášení: 2e08f9d4-cb12-487a-b4b4-f2f6ee41d875

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (09/25/2020 04:32:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HappyFoto-Designer.exe, verze: 5.6.13.0, časové razítko: 0x5c868191
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x00000000
ID chybujícího procesu: 0x2a0c
Čas spuštění chybující aplikace: 0x01d6934897962eeb
Cesta k chybující aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1d1c49d0-7967-4e70-8a83-68e049016f0a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/13/2020 01:02:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/11/2020 10:41:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/10/2020 10:40:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/10/2020 10:19:48 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 10.0.0.1 se systémem,
jehož síťová hardwarová adresa je 48-88-CA-F9-24-36. Síťové operace v systému mohou
být přerušeny.

Error: (10/09/2020 07:23:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/09/2020 07:23:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2020 01:17:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/06/2020 11:50:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2020-10-14 12:18:42.5540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:30.0810000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:30.0190000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:27.8340000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:22.3070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:22.0290000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:17.4410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-14 12:18:10.2630000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 80%
Total physical RAM: 4005.27 MB
Available physical RAM: 770.36 MB
Total Virtual: 8870.62 MB
Available Virtual: 3355.48 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:336.63 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:410.09 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:26.35 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View Log File (Zobrazit soubor protokolu).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: Log check, please - slow loading

#3 Post by mlzd »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-15-2020
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\wow\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1950 octets] - [15/10/2020 11:56:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#4 Post by Diallix »

Please post new FRST + ADDITION logs.

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: Log check, please - slow loading

#5 Post by mlzd »

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\wow\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-14]
Edge StartupUrls: Default -> "hxxps://www.chess.com/club/czechoslovakia-team"

FireFox:
========
FF DefaultProfile: sex1ek5a.default
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default [2020-10-15]
FF Homepage: Mozilla\Firefox\Profiles\sex1ek5a.default -> hxxps://www.seznam.cz/
FF Extension: (No Name) - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2020-10-14]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-04]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-09]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\elevation_service.exe [1080640 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-15 13:06 - 2020-10-15 13:07 - 000010061 _____ C:\Users\wow\Desktop\FRST.txt
2020-10-15 13:05 - 2020-10-15 13:05 - 000000000 ____D C:\Users\wow\Desktop\FRST-OlderVersion
2020-10-15 11:55 - 2020-10-15 11:56 - 000000000 ____D C:\AdwCleaner
2020-10-15 11:53 - 2020-10-15 11:53 - 008447152 _____ (Malwarebytes) C:\Users\wow\Desktop\adwcleaner_8.0.8.exe
2020-10-14 14:13 - 2020-10-14 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-14 12:47 - 2020-10-15 13:06 - 000000000 ____D C:\FRST
2020-10-14 12:46 - 2020-10-15 13:05 - 002299904 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2020-10-14 12:11 - 2020-10-15 11:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-13 23:51 - 2020-10-13 23:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-10-13 23:51 - 2020-10-13 23:51 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-13 23:51 - 2020-10-13 23:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-10-12 18:40 - 2020-10-12 18:40 - 000135670 _____ C:\Users\wow\Downloads\Vypis_z_uctu_0-165905043_z_20200930.pdf
2020-10-09 19:13 - 2020-10-09 19:14 - 000000000 ____D C:\Users\wow\AppData\Local\FreemakeVideoConverter
2020-10-09 19:12 - 2020-10-09 19:23 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-10-09 19:12 - 2020-10-09 19:13 - 000000000 ____D C:\ProgramData\Freemake
2020-10-09 19:05 - 2020-10-09 19:05 - 000000000 ____D C:\Users\wow\.fontconfig
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\Movavi
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\CrashRpt
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\ConverterAgent
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\converter
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\ProgramData\movavi
2020-10-09 19:03 - 2020-10-09 19:09 - 000000000 ____D C:\Users\wow\AppData\Roaming\Movavi Video Converter 20 Premium
2020-10-09 19:03 - 2020-10-09 19:03 - 000005030 _____ C:\ProgramData\ziwxpjps.faw
2020-10-09 19:03 - 2020-10-09 19:03 - 000000016 _____ C:\ProgramData\mntemp
2020-10-09 18:28 - 2020-10-09 18:28 - 000000000 ____D C:\Users\wow\AppData\Roaming\dvdcss
2020-10-09 18:26 - 2020-10-09 18:26 - 000000000 ____D C:\Users\wow\AppData\Local\Blu-ray Master
2020-10-05 12:52 - 2020-10-05 12:53 - 000000000 ____D C:\Users\wow\Downloads\film
2020-09-22 14:58 - 2020-09-22 14:57 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-22 14:58 - 2020-09-22 14:57 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-09-22 14:58 - 2020-09-22 14:57 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-15 13:11 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-15 13:06 - 2020-08-27 12:22 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AFE96C0B-29CD-44E2-AC4A-5583F4CD3869}
2020-10-15 12:32 - 2017-10-08 13:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2020-10-15 12:06 - 2020-08-27 21:33 - 000716586 _____ C:\WINDOWS\system32\perfh005.dat
2020-10-15 12:06 - 2020-08-27 21:33 - 000144784 _____ C:\WINDOWS\system32\perfc005.dat
2020-10-15 12:06 - 2020-08-27 12:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-15 12:06 - 2020-08-27 12:22 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-15 12:06 - 2020-08-27 12:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-15 12:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2020-10-15 12:03 - 2020-08-27 12:22 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-10-15 12:01 - 2017-05-04 22:08 - 000000000 ___RD C:\Users\wow\Disk Google
2020-10-15 12:01 - 2017-05-04 19:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2020-10-15 11:59 - 2017-12-03 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-10-15 11:59 - 2017-05-04 08:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2020-10-15 11:58 - 2020-08-27 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-15 11:58 - 2020-08-27 12:00 - 000008192 ___SH C:\DumpStack.log.tmp
2020-10-15 11:58 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-10-15 11:58 - 2017-05-04 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-15 11:35 - 2020-08-27 12:22 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2020-10-15 11:34 - 2020-08-27 12:04 - 000002366 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-15 11:34 - 2017-05-04 08:42 - 000000000 ___RD C:\Users\wow\OneDrive
2020-10-15 11:31 - 2020-08-27 12:22 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-15 11:31 - 2020-08-27 12:22 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-15 11:31 - 2019-10-03 10:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-15 11:31 - 2019-10-03 10:00 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-15 11:29 - 2020-08-27 12:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-10-14 14:13 - 2017-05-04 19:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-14 14:12 - 2020-08-27 12:22 - 000003752 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-10-14 14:12 - 2020-08-27 12:22 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-14 14:12 - 2020-08-27 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-10-14 14:12 - 2020-08-27 12:22 - 000002770 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow
2020-10-14 14:12 - 2020-08-27 12:22 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2020-10-14 14:12 - 2020-08-27 12:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-10-14 14:12 - 2020-08-27 12:22 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-10-14 14:12 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-10-14 12:37 - 2018-05-19 08:46 - 000000000 ___HD C:\Users\wow\Documents\.tmp.drivedownload
2020-10-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-13 23:50 - 2020-02-16 11:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-10-12 10:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-10 10:40 - 2020-06-10 15:17 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-10 10:40 - 2020-06-10 15:17 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-10 10:40 - 2020-06-10 15:17 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-09 19:05 - 2020-08-27 12:04 - 000000000 ____D C:\Users\wow
2020-10-09 19:05 - 2020-02-16 11:31 - 000000000 ____D C:\Users\wow\AppData\Local\cache
2020-10-08 22:35 - 2020-08-27 12:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-08 21:21 - 2017-05-04 11:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-05 10:55 - 2017-10-18 18:44 - 000001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-10-05 10:55 - 2017-10-18 18:44 - 000001006 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-10-05 10:55 - 2017-05-04 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-10-05 10:55 - 2017-05-04 20:54 - 000000000 ____D C:\Program Files\Calibre2
2020-09-26 13:24 - 2017-05-04 20:01 - 000000000 ____D C:\Users\wow\AppData\Local\CrashDumps
2020-09-25 16:32 - 2018-01-05 23:27 - 000000000 ____D C:\Program Files (x86)\HappyFoto DESIGNER
2020-09-25 10:46 - 2020-08-24 12:07 - 000000000 ____D C:\Users\wow\AppData\Local\ElevatedDiagnostics
2020-09-25 09:32 - 2017-05-05 13:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-09-24 10:19 - 2020-04-02 12:56 - 000517592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-24 09:22 - 2017-09-14 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-23 09:54 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-22 21:03 - 2017-05-04 09:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-09-22 14:59 - 2017-11-30 18:27 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-22 14:57 - 2019-01-27 00:23 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-22 14:57 - 2018-10-12 12:10 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-22 09:41 - 2018-07-08 17:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-09-22 09:37 - 2017-05-04 11:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-22 09:31 - 2017-05-04 11:23 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2017-05-04 08:56 - 2017-05-04 09:20 - 000000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2018-05-19 09:31 - 2019-05-01 21:33 - 000003584 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-13 17:28 - 2018-10-13 17:28 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2017-05-08 20:42 - 2017-11-30 12:50 - 000007605 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by wow (15-10-2020 13:12:06)
Running from C:\Users\wow\Desktop
Windows 10 Home Version 2004 19041.508 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5814.102 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{E1931DC1-CC9E-4D15-8ACF-B6BF2FD62CC5}) (Version: 5.1.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.38 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.41 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 81.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.2 (x64 cs)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Shredder 12 (HKLM-x32\...\{631D1741-E5F6-433B-A0BF-5216DC1D846D}) (Version: 12.0.0 - ChessBase) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-09-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-05-04 20:04 - 2009-11-21 00:16 - 000779264 _____ () [File not signed] C:\Program Files (x86)\ChessBase\Engines\Crafty 23-01.eng
2017-05-04 20:02 - 2009-10-13 22:48 - 004212224 _____ () [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\FrameRes.dll
2017-05-04 20:02 - 2009-12-11 12:21 - 001152512 _____ () [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\ChessRes.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000114176 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_ctypes.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000172544 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_elementtree.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 002250240 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_hashlib.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000032256 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_multiprocessing.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000046080 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_psutil_windows.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000047616 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_socket.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 002819584 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_ssl.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000026112 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\_yappi.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000080896 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\bz2.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000016384 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\common.time34.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000007680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\hashobjs_ext.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000301568 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\PIL._imaging.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000168448 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\pyexpat.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 001084416 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\pysqlite2._sqlite.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000548864 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\pythoncom27.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000137728 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\pywintypes27.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000010752 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\select.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000020992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\thumbnails_ext.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000689664 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\unicodedata.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000119808 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\usb_ext.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000128512 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32api.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000438784 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32com.shell.shell.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000011776 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32crypt.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000023040 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32event.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000149504 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32file.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000223232 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32gui.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000048128 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32inet.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000029696 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32pdh.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000027648 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32pipe.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000044032 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32process.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32profile.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000136192 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32security.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000026624 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\win32ts.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000034816 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\windows.conditional.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000038400 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\windows.connectivity.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000071680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\windows.device_monitor.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000109056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\windows.volumes.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\windows.winwrap.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 001325056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._controls_.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 001489408 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._core_.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 001007104 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._gdi_.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000103424 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._html2.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 000916992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._misc_.pyd
2020-10-15 12:00 - 2020-10-15 12:00 - 001039872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wx._windows_.pyd
2017-05-04 20:02 - 2009-09-27 21:28 - 000057856 _____ (ChessBase GmbH) [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\Device32.dll
2017-05-04 20:02 - 2009-10-17 17:05 - 000125952 _____ (ChessBase GmbH) [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\Chess32.dll
2017-05-04 20:02 - 2009-12-17 13:00 - 001273856 _____ (ChessBase GmbH) [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\SView3.dll
2017-05-04 20:02 - 2009-11-20 13:52 - 000652288 _____ (ChessBase GmbH) [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\TBAccess.dll
2017-05-04 20:02 - 2009-11-25 17:44 - 028607488 _____ (ChessBase GmbH) [File not signed] C:\Program Files (x86)\ChessBase\ChessProgram12\Textures3.dll
2009-04-07 19:16 - 2009-04-07 19:16 - 000061440 _____ (LITE-ON Corp.) [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\skhooks.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\python27.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxbase30u_net_vc90_x64.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxbase30u_vc90_x64.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxmsw30u_adv_vc90_x64.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxmsw30u_core_vc90_x64.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxmsw30u_html_vc90_x64.dll
2020-10-15 12:00 - 2020-10-15 12:00 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI48682\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-12-16 12:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44FBBCFC-AF47-4FD2-BDAB-6DF495E8236B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BA9B3BA2-B930-4FBC-A7DD-460C77B1F820}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0FC65B2B-5529-4994-B28C-2A5E15C79F74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-09-2020 10:09:02 Windows Modules Installer
07-10-2020 11:17:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/15/2020 11:59:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x42f14898
Kód výjimky: 0xe0434352
Posun chyby: 0x00129962
ID chybujícího procesu: 0xe90
Čas spuštění chybující aplikace: 0x01d6a2d9cfb6d6bc
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a45390a3-c819-4405-8a68-88cb7f8115c3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/15/2020 11:59:07 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (10/10/2020 10:49:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ChessProgram12.exe verze 12.0.0.7 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2460

Čas spuštění: 01d69ee154d2aa30

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\ChessBase\ChessProgram12\ChessProgram12.exe

ID hlášení: 52742780-e05b-47d1-bcfa-a6b0e82e2f27

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (10/09/2020 07:23:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x42f14898
Kód výjimky: 0xe0434352
Posun chyby: 0x00129962
ID chybujícího procesu: 0x468
Čas spuštění chybující aplikace: 0x01d69e60f1175c58
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 72912162-191d-49d1-87e9-5aa43e5f53d8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/09/2020 07:23:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (10/08/2020 09:44:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HappyFoto-Designer.exe verze 5.6.13.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2ecc

Čas spuštění: 01d69dab2884895b

Čas ukončení: 97

Cesta k aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe

ID hlášení: f4e2cc6a-f8de-4de4-8bcc-9d0170a06bd5

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (10/05/2020 12:46:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na Back (D:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (09/26/2020 04:37:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HappyFoto-Designer.exe verze 5.6.13.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 227c

Čas spuštění: 01d6941263e71151

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\HappyFoto DESIGNER\HappyFoto-Designer.exe

ID hlášení: 1370020e-5e4f-4c14-be40-c1c7d2c72834

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle


System errors:
=============
Error: (10/15/2020 12:01:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AGMService bylo dosaženo časového limitu (30000 ms).

Error: (10/15/2020 11:59:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/15/2020 11:59:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (10/15/2020 11:57:42 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.

Error: (10/15/2020 11:56:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.

Error: (10/15/2020 11:56:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Skdaemon Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/15/2020 11:26:57 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 10.0.0.1 se systémem,
jehož síťová hardwarová adresa je 48-88-CA-F9-24-36. Síťové operace v systému mohou
být přerušeny.

Error: (10/13/2020 01:02:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-89RL4UG)
Description: Server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2020-10-15 13:16:01.5890000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:15:37.0930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:15:25.4820000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:14:56.8460000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:14:41.2070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:14:23.4220000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:14:08.3990000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-15 13:13:48.9270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 83%
Total physical RAM: 4005.27 MB
Available physical RAM: 669.11 MB
Total Virtual: 6053.27 MB
Available Virtual: 1182.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:339.11 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:410.09 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:26.35 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#6 Post by Diallix »

The FRST log is not complete.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz .
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Joined: 02 Jan 2005 00:36
Location: VDF

Re: Log check, please - slow loading

#7 Post by mlzd »

I apologize for the mistake. Hopefully it will be OK now.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2020
Ran by wow (administrator) on DESKTOP-89RL4UG (LENOVO 90F1001ECK) (18-10-2020 13:12:57)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Platform: Windows 10 Home Version 2004 19041.508 (X64) Language: Angličtina (Spojené státy)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.504_none_e781e76525fb2269\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skd8821] => C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [2203648 2015-07-24] (LITE-ON TECHNOLOGY CORP.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48737752 2020-09-09] (Google LLC -> )
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.75\Installer\chrmstp.exe [2020-10-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\Installer\chrmstp.exe [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B027715-E8F3-471C-8E12-38A46BB1B152} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {1F384BCA-F7BC-4900-8EC0-5EFF9A6E64A2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {2AB8667D-C5F6-4D6F-880F-0C5BEB1CD428} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {332BEADE-FA59-4DE0-A8AE-703E098EF9EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {3604CD51-66DB-41D2-BE66-177777A8D7EF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {376BF646-AAB3-4006-BEF8-63BEFDC4FF3A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {3CA42C64-BB1B-4A4F-910E-D797E5FEBC39} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {5853D4A8-F101-4BD6-8222-1D11E87D930D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5FACED1A-309F-4D22-AB86-B4A1F8455210} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {682FA09C-6ECB-4EC5-AF92-A8247A922FD3} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {68D983E9-833D-4429-882D-2110821B6919} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6910D012-B236-413F-91E3-E3E7F31B80B1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6950C17C-B842-4F7D-9124-7E02A3B2EAFB} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8099E23A-872C-4308-94AB-E51546340684} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {80E825D2-0663-4575-97D1-B7C2950BD93B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {8EC59382-D07A-4AF2-BDB9-E2AB6A4052C8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [660688 2020-10-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {BFF500AA-A1F8-4461-8B39-991B0538D9B0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {D32679CA-202F-495E-BDC5-25DA16392DDA} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {D921ED68-211B-4E87-8CD1-D966195A8B45} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {DAB66E47-0302-4E9D-8B6D-AD33F73694F0} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3850336 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
Task: {E8961676-42B6-4068-BE5D-4C9690304F05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {F5739B75-3C77-4231-BDC8-A478EB653E69} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39597aef-b25c-4b33-9f95-6ddc1c9a2f2a}: [DhcpNameServer] 10.0.0.138

Edge:
======
Edge Profile: C:\Users\wow\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-16]
Edge StartupUrls: Default -> "hxxps://www.chess.com/club/czechoslovakia-team"

FireFox:
========
FF DefaultProfile: sex1ek5a.default
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default [2020-10-18]
FF Homepage: Mozilla\Firefox\Profiles\sex1ek5a.default -> hxxps://www.seznam.cz/
FF Extension: (No Name) - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\wow\AppData\Roaming\KompoZer\Profiles\qhlhqfx9.default [2018-04-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-09-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default [2020-10-16]
CHR Extension: (Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-04]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-04]
CHR Extension: (Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-09]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7824280 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\elevation_service.exe [1080640 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-09-30] (Mixbyte Inc -> Freemake)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (LENOVO -> Lenovo)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
R2 Sks8821; C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [137216 2010-05-04] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175192 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217328 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-22] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-10-13] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2017-05-04] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-14] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-18 13:12 - 2020-10-18 13:14 - 000020641 _____ C:\Users\wow\Desktop\FRST.txt
2020-10-18 12:31 - 2020-10-18 12:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2020-10-18 12:31 - 2020-10-18 12:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2020-10-15 11:55 - 2020-10-15 11:56 - 000000000 ____D C:\AdwCleaner
2020-10-15 11:53 - 2020-10-15 11:53 - 008447152 _____ (Malwarebytes) C:\Users\wow\Desktop\adwcleaner_8.0.8.exe
2020-10-14 14:13 - 2020-10-14 14:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-10-14 12:47 - 2020-10-18 13:13 - 000000000 ____D C:\FRST
2020-10-14 12:46 - 2020-10-15 13:05 - 002299904 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2020-10-14 12:11 - 2020-10-15 11:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-13 23:51 - 2020-10-13 23:51 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-10-13 23:51 - 2020-10-13 23:51 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-13 23:51 - 2020-10-13 23:50 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-10-12 18:40 - 2020-10-12 18:40 - 000135670 _____ C:\Users\wow\Downloads\Vypis_z_uctu_0-165905043_z_20200930.pdf
2020-10-09 19:13 - 2020-10-09 19:14 - 000000000 ____D C:\Users\wow\AppData\Local\FreemakeVideoConverter
2020-10-09 19:12 - 2020-10-09 19:23 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-10-09 19:12 - 2020-10-09 19:13 - 000000000 ____D C:\ProgramData\Freemake
2020-10-09 19:05 - 2020-10-09 19:05 - 000000000 ____D C:\Users\wow\.fontconfig
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\Movavi
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\CrashRpt
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\ConverterAgent
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\Users\wow\AppData\Local\converter
2020-10-09 19:04 - 2020-10-09 19:04 - 000000000 ____D C:\ProgramData\movavi
2020-10-09 19:03 - 2020-10-09 19:09 - 000000000 ____D C:\Users\wow\AppData\Roaming\Movavi Video Converter 20 Premium
2020-10-09 19:03 - 2020-10-09 19:03 - 000005030 _____ C:\ProgramData\ziwxpjps.faw
2020-10-09 19:03 - 2020-10-09 19:03 - 000000016 _____ C:\ProgramData\mntemp
2020-10-09 18:28 - 2020-10-09 18:28 - 000000000 ____D C:\Users\wow\AppData\Roaming\dvdcss
2020-10-09 18:26 - 2020-10-09 18:26 - 000000000 ____D C:\Users\wow\AppData\Local\Blu-ray Master
2020-10-05 12:52 - 2020-10-05 12:53 - 000000000 ____D C:\Users\wow\Downloads\film
2020-09-22 14:58 - 2020-09-22 14:57 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-22 14:58 - 2020-09-22 14:57 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-09-22 14:58 - 2020-09-22 14:57 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-18 13:13 - 2020-08-27 12:22 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{AFE96C0B-29CD-44E2-AC4A-5583F4CD3869}
2020-10-18 13:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-18 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-18 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-18 12:58 - 2017-10-08 13:23 - 000000000 ____D C:\Users\wow\AppData\Local\AVAST Software
2020-10-18 12:58 - 2017-05-04 19:21 - 000000000 ____D C:\Users\wow\AppData\LocalLow\Mozilla
2020-10-18 12:47 - 2018-05-19 08:46 - 000000000 ___HD C:\Users\wow\Documents\.tmp.drivedownload
2020-10-18 12:43 - 2020-06-10 15:17 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-18 12:43 - 2020-06-10 15:17 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-18 12:43 - 2020-06-10 15:17 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-18 12:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-18 12:27 - 2017-05-04 09:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-10-18 12:20 - 2020-08-27 12:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-18 12:20 - 2020-08-27 12:22 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-18 12:20 - 2017-05-04 22:08 - 000000000 ___RD C:\Users\wow\Disk Google
2020-10-18 12:18 - 2017-12-03 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-10-18 12:18 - 2017-05-04 08:39 - 000000000 __SHD C:\Users\wow\IntelGraphicsProfiles
2020-10-16 13:10 - 2020-08-27 21:33 - 000716586 _____ C:\WINDOWS\system32\perfh005.dat
2020-10-16 13:10 - 2020-08-27 21:33 - 000144784 _____ C:\WINDOWS\system32\perfc005.dat
2020-10-16 13:10 - 2020-08-27 12:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-16 13:10 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2020-10-16 13:09 - 2020-08-07 11:35 - 000000000 ___HD C:\$WinREAgent
2020-10-16 13:03 - 2020-08-27 12:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-16 13:03 - 2020-08-27 12:00 - 000008192 ___SH C:\DumpStack.log.tmp
2020-10-16 13:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-10-16 13:00 - 2020-08-27 12:22 - 000003752 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-10-16 13:00 - 2020-08-27 12:22 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-10-16 13:00 - 2020-08-27 12:22 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-16 13:00 - 2020-08-27 12:22 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-10-16 13:00 - 2020-08-27 12:22 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-16 13:00 - 2020-08-27 12:22 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3829197068-2955107618-1151059083-1001
2020-10-16 13:00 - 2020-08-27 12:22 - 000002770 _____ C:\WINDOWS\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow
2020-10-16 13:00 - 2020-08-27 12:22 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-10-16 13:00 - 2020-08-27 12:22 - 000002336 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_LENOVO_MICPKEY
2020-10-16 13:00 - 2020-08-27 12:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-10-16 13:00 - 2020-08-27 12:22 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-10-16 13:00 - 2020-08-27 12:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-10-16 11:37 - 2020-08-27 12:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-16 10:14 - 2020-08-27 12:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-10-16 01:08 - 2017-10-18 18:44 - 000001006 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2020-10-16 01:08 - 2017-10-18 18:44 - 000001006 _____ C:\ProgramData\Desktop\calibre 64bit - E-book management.lnk
2020-10-16 01:08 - 2017-05-04 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2020-10-16 01:08 - 2017-05-04 20:54 - 000000000 ____D C:\Program Files\Calibre2
2020-10-15 11:58 - 2017-05-04 19:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-10-15 11:34 - 2020-08-27 12:04 - 000002366 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-15 11:34 - 2017-05-04 08:42 - 000000000 ___RD C:\Users\wow\OneDrive
2020-10-15 11:31 - 2019-10-03 10:00 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-15 11:31 - 2019-10-03 10:00 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-10-14 14:13 - 2017-05-04 19:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2020-02-16 11:30 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-13 23:51 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-13 23:50 - 2020-02-16 11:30 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-10-09 19:05 - 2020-08-27 12:04 - 000000000 ____D C:\Users\wow
2020-10-09 19:05 - 2020-02-16 11:31 - 000000000 ____D C:\Users\wow\AppData\Local\cache
2020-10-08 21:21 - 2017-05-04 11:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-08 21:21 - 2017-05-04 11:49 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-03 02:33 - 2019-12-07 11:18 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-03 02:33 - 2019-12-07 11:18 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-26 13:24 - 2017-05-04 20:01 - 000000000 ____D C:\Users\wow\AppData\Local\CrashDumps
2020-09-25 16:32 - 2018-01-05 23:27 - 000000000 ____D C:\Program Files (x86)\HappyFoto DESIGNER
2020-09-25 10:46 - 2020-08-24 12:07 - 000000000 ____D C:\Users\wow\AppData\Local\ElevatedDiagnostics
2020-09-25 09:32 - 2017-05-05 13:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-09-24 14:22 - 2017-05-03 22:34 - 000000870 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-09-24 10:19 - 2020-04-02 12:56 - 000517592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-24 09:22 - 2017-09-14 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-09-23 09:54 - 2019-02-06 10:50 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-22 14:59 - 2017-11-30 18:27 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-22 14:57 - 2019-01-27 00:23 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-22 14:57 - 2019-01-18 20:23 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-22 14:57 - 2018-10-12 12:10 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-22 14:57 - 2017-11-30 18:27 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-22 09:41 - 2018-07-08 17:46 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-22 09:41 - 2018-07-08 17:46 - 000002470 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-09-22 09:37 - 2017-05-04 11:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-22 09:31 - 2017-05-04 11:23 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2017-05-04 08:56 - 2017-05-04 09:20 - 000000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2018-05-19 09:31 - 2019-05-01 21:33 - 000003584 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-13 17:28 - 2018-10-13 17:28 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2017-05-08 20:42 - 2017-11-30 12:50 - 000007605 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by wow (18-10-2020 13:16:20)
Running from C:\Users\wow\Desktop
Windows 10 Home Version 2004 19041.508 (X64) (2020-08-27 10:22:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3829197068-2955107618-1151059083-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3829197068-2955107618-1151059083-503 - Limited - Disabled)
Guest (S-1-5-21-3829197068-2955107618-1151059083-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3829197068-2955107618-1151059083-504 - Limited - Disabled)
wow (S-1-5-21-3829197068-2955107618-1151059083-1001 - Administrator - Enabled) => C:\Users\wow

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7z Extractor (HKLM-x32\...\{FA71EF19-3822-44F1-B843-B84CA34266CB}_is1) (Version: - 7zextractor.com)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.012.20048 - Adobe Systems Incorporated)
Adobe dreamweaver (HKLM\...\{F91C3A80-17BA-41E3-8288-A36778F03035}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Altap Salamander 3.03 (x86) (HKLM-x32\...\Altap Salamander 3.03 (x86)) (Version: 3.03 - ALTAP)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5814.102 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{B109BD68-709A-485B-97E6-651FEB234AC9}) (Version: 3.51.3307.8076 - Google, Inc.)
BitTorrent (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\BitTorrent) (Version: 7.10.5.45785 - BitTorrent Inc.)
calibre 64bit (HKLM\...\{60D51DD1-4BDE-44C4-A28C-F07D4740ACA1}) (Version: 5.2.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.6.1001 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HappyFoto DESIGNER 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4963 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.5015 - CyberLink Corp.)
Lenovo Slim USB Keyboard (HKLM\...\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}) (Version: 1.17 - Lenovo)
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.43 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.49 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 81.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 81.0.2 (x64 cs)) (Version: 81.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 1.39 - LG Electronics Inc)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Shredder 12 (HKLM-x32\...\{3892F602-F5D6-4B99-8F08-12EE6B01F66B}) (Version: 12.0.0 - ChessBase)
Shredder 12 (HKLM-x32\...\{631D1741-E5F6-433B-A0BF-5216DC1D846D}) (Version: 12.0.0 - ChessBase) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Windows Driver Package - Genesys Logic (GeneStor) USB (07/13/2015 4.5.0.6) (HKLM\...\AE2E6FAB44844413B4C6F53C908EACC8AFC838F0) (Version: 07/13/2015 4.5.0.6 - Genesys Logic)
Windows Driver Package - Intel Corporation (igfx) Display (07/17/2015 10.18.15.4256) (HKLM\...\00B7AF24A3F134555C104D6FD6BA2E998DF37957) (Version: 07/17/2015 10.18.15.4256 - Intel Corporation)
Windows Driver Package - Realtek (rt640x64) Net (05/05/2015 10.001.0505.2015) (HKLM\...\6A304520C2F25CD034E477A379C47308AA84A2DC) (Version: 05/05/2015 10.001.0505.2015 - Realtek)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version: - videowinsoft.com)
xrecode II 1.0.0.231 (HKLM-x32\...\{AFE83615-88BE-47F6-B3E4-A3FEF8B7B57F}_is1) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-09] (HP Inc.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-09-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-19] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-05-04] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3829197068-2955107618-1151059083-1001_Classes\CLSID\{C78B6149-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll (ALTAP) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-09-09] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-09-09] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-16] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-18 12:19 - 2020-10-18 12:19 - 000114176 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_ctypes.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000172544 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_elementtree.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 002250240 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_hashlib.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000032256 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_multiprocessing.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000046080 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_psutil_windows.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000047616 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_socket.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 002819584 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_ssl.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000026112 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\_yappi.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000080896 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\bz2.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000016384 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\common.time34.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000007680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\hashobjs_ext.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000301568 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\PIL._imaging.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000168448 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\pyexpat.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 001084416 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\pysqlite2._sqlite.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000548864 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\pythoncom27.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 000137728 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\pywintypes27.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 000010752 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\select.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000020992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\thumbnails_ext.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000689664 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\unicodedata.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000119808 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\usb_ext.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000128512 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32api.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000438784 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32com.shell.shell.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000011776 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32crypt.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000023040 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32event.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000149504 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32file.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000223232 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32gui.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000048128 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32inet.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000029696 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32pdh.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000027648 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32pipe.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000044032 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32process.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32profile.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000136192 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32security.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000026624 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\win32ts.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000034816 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\windows.conditional.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000038400 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\windows.connectivity.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000071680 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\windows.device_monitor.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000109056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\windows.volumes.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000020480 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\windows.winwrap.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 001325056 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._controls_.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 001489408 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._core_.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 001007104 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._gdi_.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000103424 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._html2.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 000916992 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._misc_.pyd
2020-10-18 12:19 - 2020-10-18 12:19 - 001039872 _____ () [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wx._windows_.pyd
2017-05-04 08:54 - 2014-08-29 15:05 - 000013312 _____ (ALTAP) [File not signed] C:\Program Files (x86)\Altap Salamander\utils\salextx64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\python27.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxbase30u_net_vc90_x64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxbase30u_vc90_x64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxmsw30u_adv_vc90_x64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxmsw30u_core_vc90_x64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxmsw30u_html_vc90_x64.dll
2020-10-18 12:19 - 2020-10-18 12:19 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\wow\AppData\Local\Temp\_MEI76282\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-12-16 12:26 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\IMG_20200521_123756.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "snpstd3"
HKLM\...\StartupApproved\Run: => "UMonit"
HKLM\...\StartupApproved\Run: => "Skd8821"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "snpstd3"
HKLM\...\StartupApproved\Run32: => "UMonit"
HKLM\...\StartupApproved\Run32: => "WindowsDefender"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_6F12923EB02AD11E91B5AF5FC2A0240C"
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C0711B30-D3EA-4386-9F51-4CEF39293F80}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B4817637-7AF7-4747-BBA9-5A2D8BEBFF1F}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44FBBCFC-AF47-4FD2-BDAB-6DF495E8236B}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{3E0DABE0-9F24-4D78-BA70-F1078169061C}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{C67B52E9-E180-4A22-BC5B-D16E824E4486}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6E18ACE4-A7AB-4F16-99DC-EB75BEE3C474}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D826F392-DEBE-4E4D-BD2D-26A5FBD338C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{51E6F166-45BF-4E73-B198-17F6D2E3E5C6}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{B43F2FAB-D3EB-4A22-A0EF-223F46811C43}C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\wow\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4CA95690-EFB8-4BBF-91C0-1DFF79901928}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7C89660B-0081-43D1-B52A-5848B3CF00A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BA9B3BA2-B930-4FBC-A7DD-460C77B1F820}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0FC65B2B-5529-4994-B28C-2A5E15C79F74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-09-2020 10:09:02 Windows Modules Installer
07-10-2020 11:17:56 Scheduled Checkpoint
16-10-2020 10:18:27 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/16/2020 01:03:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x42f14898
Kód výjimky: 0xe0434352
Posun chyby: 0x00129962
ID chybujícího procesu: 0xe54
Čas spuštění chybující aplikace: 0x01d6a3abfd2e438b
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: dffc1493-f783-43fa-9e55-82cab9a5331c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2020 01:03:38 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (10/16/2020 01:02:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (10/16/2020 01:02:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (10/16/2020 01:02:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, A system shutdown is in progress.
.

Error: (10/16/2020 01:02:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (10/16/2020 01:10:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5f742b96
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.488, časové razítko: 0x42f14898
Kód výjimky: 0xe0434352
Posun chyby: 0x00129962
ID chybujícího procesu: 0xd54
Čas spuštění chybující aplikace: 0x01d6a348684772d3
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c3ff87cb-6fe6-41d7-b532-40e20a5448af
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2020 01:10:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])


System errors:
=============
Error: (10/18/2020 12:47:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/18/2020 12:46:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Genuine Monitor Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/18/2020 12:45:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/18/2020 12:40:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Intel(R) Security Assist neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/18/2020 12:40:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Intel(R) Security Assist bylo dosaženo časového limitu (30000 ms).

Error: (10/16/2020 01:03:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/16/2020 01:03:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (45000 ms).

Error: (10/16/2020 10:11:44 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Systém zjistil konflikt IP adresy 10.0.0.1 se systémem,
jehož síťová hardwarová adresa je 48-88-CA-F9-24-36. Síťové operace v systému mohou
být přerušeny.


CodeIntegrity:
===================================

Date: 2020-10-18 13:07:01.7430000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:07:01.0670000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:07:00.1270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:06:59.5660000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:06:59.4300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:06:58.8250000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:06:58.2400000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-10-18 13:06:58.1630000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO M0KKT17A 08/20/2015
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3260 @ 3.30GHz
Percentage of memory in use: 60%
Total physical RAM: 4005.27 MB
Available physical RAM: 1570.95 MB
Total Virtual: 6053.27 MB
Available Virtual: 3009.08 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:411.39 GB) (Free:331.8 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Back) (Fixed) (Total:488.28 GB) (Free:409.97 GB) NTFS
Drive l: (KINGSTON) (Removable) (Total:28.85 GB) (Free:26.35 GB) FAT32

\\?\Volume{5c54ca0b-3d03-42ee-bf86-f01bfb318e30}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{5e2dc3bb-2067-4d79-81ea-aa2a9ec717e1}\ (LENOVO_PART) (Fixed) (Total:30 GB) (Free:17.25 GB) NTFS
\\?\Volume{d4fd223c-2cf9-4313-a8e0-2b06e7cec4a5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7B780F0)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 77E40D7F)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#8 Post by Diallix »

Copy the content below into Notepad:

Code:

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2AB8667D-C5F6-4D6F-880F-0C5BEB1CD428} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5FACED1A-309F-4D22-AB86-B4A1F8455210} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {6950C17C-B842-4F7D-9124-7E02A3B2EAFB} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8099E23A-872C-4308-94AB-E51546340684} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {80E825D2-0663-4575-97D1-B7C2950BD93B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {E8961676-42B6-4068-BE5D-4C9690304F05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
FF Extension: (No Name) - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
2020-10-18 12:18 - 2017-12-03 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-04 08:56 - 2017-05-04 09:20 - 000000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2018-05-19 09:31 - 2019-05-01 21:33 - 000003584 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-13 17:28 - 2018-10-13 17:28 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2017-05-08 20:42 - 2017-11-30 12:50 - 000007605 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: Log check, please - slow loading

#9 Post by mlzd »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by wow (19-10-2020 10:49:55) Run:1
Running from C:\Users\wow\Desktop
Loaded Profiles: wow
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\...\MountPoints2: {c238881e-3093-11e7-9bcb-b8aeed9e8c33} - "F:\WD Drive Unlock.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2AB8667D-C5F6-4D6F-880F-0C5BEB1CD428} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5FACED1A-309F-4D22-AB86-B4A1F8455210} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {6950C17C-B842-4F7D-9124-7E02A3B2EAFB} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {8099E23A-872C-4308-94AB-E51546340684} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
Task: {80E825D2-0663-4575-97D1-B7C2950BD93B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-07-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {E8961676-42B6-4068-BE5D-4C9690304F05} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-04] (Google Inc -> Google Inc.)
FF Extension: (No Name) - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
CHR HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
2020-10-18 12:18 - 2017-12-03 20:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-04 08:56 - 2017-05-04 09:20 - 000000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2018-05-19 09:31 - 2019-05-01 21:33 - 000003584 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-13 17:28 - 2018-10-13 17:28 - 000000000 _____ () C:\Users\wow\AppData\Local\oobelibMkey.log
2017-05-08 20:42 - 2017-11-30 12:50 - 000007605 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:


*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => removed successfully
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c238881e-3093-11e7-9bcb-b8aeed9e8c33} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AB8667D-C5F6-4D6F-880F-0C5BEB1CD428}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AB8667D-C5F6-4D6F-880F-0C5BEB1CD428}" => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FACED1A-309F-4D22-AB86-B4A1F8455210}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FACED1A-309F-4D22-AB86-B4A1F8455210}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6950C17C-B842-4F7D-9124-7E02A3B2EAFB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6950C17C-B842-4F7D-9124-7E02A3B2EAFB}" => removed successfully
C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-DESKTOP-89RL4UG-wow" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8099E23A-872C-4308-94AB-E51546340684}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8099E23A-872C-4308-94AB-E51546340684}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80E825D2-0663-4575-97D1-B7C2950BD93B} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80E825D2-0663-4575-97D1-B7C2950BD93B} => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B69FD22A-9A0C-441C-B60C-2C1F9C81D3F3}" => removed successfully
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8961676-42B6-4068-BE5D-4C9690304F05}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8961676-42B6-4068-BE5D-4C9690304F05}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\sex1ek5a.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
HKU\S-1-5-21-3829197068-2955107618-1151059083-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\wow\AppData\Roaming\winscp.rnd => moved successfully
C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\wow\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\wow\AppData\Local\Resmon.ResmonCfg => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7416674 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 414003 B
Edge => 0 B
Chrome => 139264 B
Firefox => 30362056 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 53186 B
NetworkService => 53186 B
wow => 60523662 B

RecycleBin => 77330084 B
EmptyTemp: => 178.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:52:04 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#10 Post by Diallix »

How is the computer doing?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

mlzd
Visitor
Posts: 114
Registered: 02 Jan 2005 00:36
Location: VDF

Re: Log check, please - slow loading

#11 Post by mlzd »

So far it looks like it has "come to its senses". The startup time is reasonable and after that it runs fairly calmly. Your help was effective - thank you! Zdenek

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check, please - slow loading

#12 Post by Diallix »

You're welcome, don't mention it :]]

Locked