Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Preventive check

#1 Post by Kowy »

Hello,

I would like to ask for a preventive check. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2020-11-12 18:43:52
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 144 GB (60%) free of 238 GB
Total RAM: 3241 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:06, on 12.11.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET Endpoint Security\egui.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Safe In Cloud\SafeInCloud.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
C:\Windows\system32\conhost.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
C:\Windows\system32\conhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\PC\Downloads\RSIT (1).exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files\Microsoft\Edge\Application\86.0.622.63\BHO\ie_to_edge_bho.dll
O2 - BHO: PDF Architect 5 Helper - {AEA429F3-D2D4-4BD7-A03E-5357DA017733} - C:\Program Files\PDF Architect 5\creator-ie-helper.dll
O3 - Toolbar: PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [Cobian Backup 11 interface] "C:\Program Files\Cobian Backup 11\cbInterface.exe" -service
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [SafeInCloud] "C:\Program Files\Safe In Cloud\SafeInCloud.exe" /auto-start
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Synology Drive.lnk = C:\Program Files\Synology\SynologyDrive\bin\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Služba CCleaner Browser Update (ccleaner) (ccleaner) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Browser Elevation Service (CCleanerBrowserElevationService) - Piriform Software - C:\Program Files\CCleaner Browser\Application\86.0.6404.78\elevation_service.exe
O23 - Service: Služba CCleaner Browser Update (ccleanerm) (ccleanerm) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\86.0.4240.193\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect 5 - pdfforge GmbH - C:\Program Files\PDF Architect 5\ws.exe
O23 - Service: PDF Architect 5 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 5\crash-handler-ws.exe
O23 - Service: PDF Architect 5 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 5\creator-ws.exe
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: Synology Drive VSS Service - Unknown owner - C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 9234 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.453 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_453.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3]
"Description"=Avast Browser
"Path"=C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9]
"Description"=Avast Browser
"Path"=C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDF Architect 5]
"Description"=
"Path"=C:\Program Files\PDF Architect 5\np-previewer.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files\Microsoft\Edge\Application\86.0.622.63\BHO\ie_to_edge_bho.dll [2020-11-04 398224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733}]
PDF Architect 5 Helper - C:\Program Files\PDF Architect 5\creator-ie-helper.dll [2017-07-05 45744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{84F23192-A475-4038-B5C0-8584777F2DF4} - PDF Architect 5 Toolbar - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll [2017-07-05 555696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 157104]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 192432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 201136]
"Cobian Backup 11 interface"=C:\Program Files\Cobian Backup 11\cbInterface.exe [2013-03-07 4407808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-10-31 98408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2018-02-15 955072]
"SafeInCloud"=C:\Program Files\Safe In Cloud\SafeInCloud.exe [2019-02-13 2337792]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2020-11-10 26781880]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Synology Drive.lnk - C:\Program Files\Synology\SynologyDrive\bin\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 339456]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-11-12 18:43:52 ----D---- C:\Program Files\trend micro
2020-11-12 18:43:51 ----D---- C:\rsit
2020-10-31 15:22:07 ----D---- C:\Users\PC\AppData\Roaming\DidaktaCZ
2020-10-31 15:22:00 ----D---- C:\Program Files\DidaktaCZ
2020-10-31 12:55:42 ----D---- C:\Program Files\Microsoft
2020-10-31 11:48:39 ----A---- C:\Windows\system32\aswBoot.exe
2020-10-31 11:48:34 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-10-31 11:48:32 ----A---- C:\Windows\system32\drivers\aswNetHub.sys
2020-10-31 11:48:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2020-10-31 11:46:04 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys

======List of files/folders modified in the last 1 month======

2020-11-12 18:43:52 ----RD---- C:\Program Files
2020-11-12 18:40:37 ----D---- C:\Windows\Temp
2020-11-12 18:34:44 ----D---- C:\Program Files\CCleaner
2020-11-12 18:33:51 ----SHD---- C:\Windows\Installer
2020-11-12 18:28:32 ----D---- C:\Windows\system32\Tasks
2020-11-12 18:25:19 ----D---- C:\ProgramData\AVAST Software
2020-11-12 18:24:12 ----D---- C:\Windows\system32\config
2020-11-12 18:10:08 ----D---- C:\Program Files\TeamViewer
2020-11-12 18:09:46 ----D---- C:\Windows
2020-11-12 17:53:34 ----D---- C:\Windows\system32\MRT
2020-11-12 17:53:33 ----D---- C:\Windows\debug
2020-11-12 17:53:21 ----AC---- C:\Windows\system32\MRT.exe
2020-11-12 17:52:30 ----SHD---- C:\System Volume Information
2020-11-12 17:40:17 ----D---- C:\Program Files\CCleaner Browser
2020-11-12 17:38:56 ----HD---- C:\Config.Msi
2020-11-12 17:37:08 ----D---- C:\Windows\System32
2020-11-12 17:37:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2020-11-12 17:37:02 ----D---- C:\Windows\system32\Macromed
2020-11-12 17:36:51 ----D---- C:\Windows\Prefetch
2020-11-07 11:14:48 ----D---- C:\Windows\inf
2020-11-07 11:14:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-10-31 12:58:33 ----D---- C:\Windows\winsxs
2020-10-31 12:56:14 ----SD---- C:\ProgramData\Microsoft
2020-10-31 12:54:03 ----D---- C:\Windows\system32\drivers
2020-10-31 11:59:19 ----D---- C:\Windows\Minidump
2020-10-31 11:49:45 ----D---- C:\Windows\system32\DriverStore
2020-10-31 11:28:09 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-10-31 35040]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-10-31 154696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-10-31 55888]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-10-31 72840]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-10-31 277960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-10-31 175776]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-10-31 189520]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-10-31 40736]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-10-31 375192]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-10-31 94192]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-10-31 691064]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-10-31 396616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 389632]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-02-09 215336]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-02-09 160736]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-02-09 121224]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-02-09 86952]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-10-31 147712]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-10-31 163312]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2020-10-31 36104]
R3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtultrascsibus.sys [2018-03-14 26168]
R3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\system32\DRIVERS\dtultrausbbus.sys [2018-03-14 40504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2015-06-01 3788752]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2011-04-20 41088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-02-09 52680]
S2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2019-04-19 52968]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2019-04-19 51944]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2019-04-19 52968]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2020-01-03 53248]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-04-29 20256]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-09-06 169544]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-10-31 332344]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [2013-03-07 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2013-03-07 1131008]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2017-02-24 2002480]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PDF Architect 5 Creator;PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [2017-07-05 780984]
R2 PDF Architect 5 Manager;PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [2017-05-16 985848]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Synology Drive VSS Service;Synology Drive VSS Service; C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe [2018-09-03 247320]
R2 TeamViewer;TeamViewer 13; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2020-07-13 11481104]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-10-31 7522208]
R3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2018-02-15 4848832]
S2 avast;Služba Avast Browser Update (avast); C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2020-10-31 194200]
S2 ccleaner;Služba CCleaner Browser Update (ccleaner); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-10-31 200928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-31 224152]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-07 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2020-11-12 335416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 avastm;Služba Avast Browser Update (avastm); C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2020-10-31 194200]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe [2020-11-02 1136920]
S3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service; C:\Program Files\CCleaner Browser\Application\86.0.6404.78\elevation_service.exe [2020-10-14 1136920]
S3 ccleanerm;Služba CCleaner Browser Update (ccleanerm); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-10-31 200928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-31 224152]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\86.0.4240.193\elevation_service.exe [2020-11-08 1123312]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-07 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 104960]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files\Microsoft\Edge\Application\86.0.622.63\elevation_service.exe [2020-11-04 1360272]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2020-03-28 223432]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PDF Architect 5 CrashHandler;PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [2017-07-05 982200]
S3 PDF Architect 5;PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2017-07-05 2470576]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-28 47960]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check

#2 Post by Diallix »

Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the "Prehladaj teraz" (Scan now) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the "Vycistit Teraz" (Clean and Repair) button in the lower right corner.
After the PC restarts, AdwCleaner will start; click "Zobrazit soubor protokolu" (View log file).
The log will open; copy its contents here.
My new book BOTNETY has been released! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Re: Preventive check

#3 Post by Kowy »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-12-2020
# Duration: 00:00:20
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\PC\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\PC\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4780AF24-213D-4187-86F2-0014A6D6077B}
Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2249 octets] - [12/11/2020 19:01:35]
AdwCleaner[S01].txt - [2310 octets] - [12/11/2020 19:05:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check

#4 Post by Diallix »

Please post new FRST + Addition logs.

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Re: Preventive check

#5 Post by Kowy »

My FRST logs are empty, so I am sending the RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2020-11-12 20:34:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 142 GB (60%) free of 238 GB
Total RAM: 3241 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:35:55, on 12.11.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Cobian Backup 11\cbInterface.exe
C:\Program Files\ESET\ESET Endpoint Security\egui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
C:\Program Files\Safe In Cloud\SafeInCloud.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
C:\Program Files\TeamViewer\TeamViewer.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
C:\Windows\system32\conhost.exe
C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\PC\Desktop\RSIT (1).exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files\Microsoft\Edge\Application\86.0.622.63\BHO\ie_to_edge_bho.dll
O2 - BHO: PDF Architect 5 Helper - {AEA429F3-D2D4-4BD7-A03E-5357DA017733} - C:\Program Files\PDF Architect 5\creator-ie-helper.dll
O3 - Toolbar: PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [Cobian Backup 11 interface] "C:\Program Files\Cobian Backup 11\cbInterface.exe" -service
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [SafeInCloud] "C:\Program Files\Safe In Cloud\SafeInCloud.exe" /auto-start
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Synology Drive.lnk = C:\Program Files\Synology\SynologyDrive\bin\launcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Služba CCleaner Browser Update (ccleaner) (ccleaner) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Browser Elevation Service (CCleanerBrowserElevationService) - Piriform Software - C:\Program Files\CCleaner Browser\Application\86.0.6404.78\elevation_service.exe
O23 - Service: Služba CCleaner Browser Update (ccleanerm) (ccleanerm) - Piriform Software - C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files\Cobian Backup 11\cbService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\86.0.4240.193\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect 5 - pdfforge GmbH - C:\Program Files\PDF Architect 5\ws.exe
O23 - Service: PDF Architect 5 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 5\crash-handler-ws.exe
O23 - Service: PDF Architect 5 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 5\creator-ws.exe
O23 - Service: PDF Architect 5 Manager - © pdfforge GmbH. - C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
O23 - Service: Synology Drive VSS Service - Unknown owner - C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 8538 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.453 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_453.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3]
"Description"=Avast Browser
"Path"=C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9]
"Description"=Avast Browser
"Path"=C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9]
"Description"=CCleaner Browser
"Path"=C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\PDF Architect 5]
"Description"=
"Path"=C:\Program Files\PDF Architect 5\np-previewer.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files\Microsoft\Edge\Application\86.0.622.63\BHO\ie_to_edge_bho.dll [2020-11-04 398224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733}]
PDF Architect 5 Helper - C:\Program Files\PDF Architect 5\creator-ie-helper.dll [2017-07-05 45744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{84F23192-A475-4038-B5C0-8584777F2DF4} - PDF Architect 5 Toolbar - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll [2017-07-05 555696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-01 157104]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2015-06-01 192432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-01 201136]
"Cobian Backup 11 interface"=C:\Program Files\Cobian Backup 11\cbInterface.exe [2013-03-07 4407808]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-10-31 98408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2018-02-15 955072]
"SafeInCloud"=C:\Program Files\Safe In Cloud\SafeInCloud.exe [2019-02-13 2337792]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2020-11-10 26781880]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Synology Drive.lnk - C:\Program Files\Synology\SynologyDrive\bin\launcher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-06-01 339456]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-11-12 19:38:21 ----D---- C:\FRST
2020-11-12 19:01:05 ----D---- C:\AdwCleaner
2020-11-12 18:43:52 ----D---- C:\Program Files\trend micro
2020-11-12 18:43:51 ----D---- C:\rsit
2020-10-31 15:22:07 ----D---- C:\Users\PC\AppData\Roaming\DidaktaCZ
2020-10-31 15:22:00 ----D---- C:\Program Files\DidaktaCZ
2020-10-31 12:55:42 ----D---- C:\Program Files\Microsoft
2020-10-31 11:48:39 ----A---- C:\Windows\system32\aswBoot.exe
2020-10-31 11:48:34 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-10-31 11:48:32 ----A---- C:\Windows\system32\drivers\aswNetHub.sys
2020-10-31 11:48:32 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2020-10-31 11:46:04 ----A---- C:\Windows\system32\drivers\aswNetNd6.sys

======List of files/folders modified in the last 1 month======

2020-11-12 20:29:45 ----D---- C:\Windows\Temp
2020-11-12 20:23:28 ----D---- C:\ProgramData\AVAST Software
2020-11-12 20:21:34 ----SHD---- C:\System Volume Information
2020-11-12 20:19:24 ----D---- C:\Windows\system32\config
2020-11-12 20:10:47 ----D---- C:\Program Files\CCleaner
2020-11-12 20:08:23 ----D---- C:\Program Files\TeamViewer
2020-11-12 20:03:34 ----SHD---- C:\Windows\Installer
2020-11-12 19:09:18 ----D---- C:\Windows\system32\Tasks
2020-11-12 19:06:27 ----D---- C:\Users\PC\AppData\Roaming\Hewlett-Packard
2020-11-12 19:06:27 ----D---- C:\Program Files\Hewlett-Packard
2020-11-12 18:43:52 ----RD---- C:\Program Files
2020-11-12 18:09:46 ----D---- C:\Windows
2020-11-12 17:57:40 ----D---- C:\Windows\system32\MRT
2020-11-12 17:53:33 ----D---- C:\Windows\debug
2020-11-12 17:53:21 ----AC---- C:\Windows\system32\MRT.exe
2020-11-12 17:40:17 ----D---- C:\Program Files\CCleaner Browser
2020-11-12 17:38:56 ----HD---- C:\Config.Msi
2020-11-12 17:37:08 ----D---- C:\Windows\System32
2020-11-12 17:37:05 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2020-11-12 17:37:02 ----D---- C:\Windows\system32\Macromed
2020-11-12 17:36:51 ----D---- C:\Windows\Prefetch
2020-11-07 11:14:48 ----D---- C:\Windows\inf
2020-11-07 11:14:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-10-31 12:58:33 ----D---- C:\Windows\winsxs
2020-10-31 12:56:14 ----SD---- C:\ProgramData\Microsoft
2020-10-31 12:54:03 ----D---- C:\Windows\system32\drivers
2020-10-31 11:59:19 ----D---- C:\Windows\Minidump
2020-10-31 11:49:45 ----D---- C:\Windows\system32\DriverStore
2020-10-31 11:28:09 ----SD---- C:\Windows\system32\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-10-31 35040]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-10-31 154696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-10-31 55888]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-10-31 72840]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-10-31 277960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-10-31 175776]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-10-31 189520]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-10-31 40736]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2020-10-31 375192]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-10-31 94192]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-10-31 691064]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-10-31 396616]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 389632]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-02-09 215336]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-02-09 160736]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-02-09 121224]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-02-09 86952]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-10-31 147712]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-10-31 163312]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2020-10-31 36104]
R3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtultrascsibus.sys [2018-03-14 26168]
R3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\system32\DRIVERS\dtultrausbbus.sys [2018-03-14 40504]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2015-06-01 3788752]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2011-04-20 41088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-02-09 52680]
S2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2019-04-19 52968]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2019-04-19 51944]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2019-04-19 52968]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2020-01-03 53248]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2015-04-29 20256]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-09-06 169544]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-10-31 332344]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [2013-03-07 67584]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files\Cobian Backup 11\cbService.exe [2013-03-07 1131008]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2017-02-24 2002480]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-07 31776]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PDF Architect 5 Creator;PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [2017-07-05 780984]
R2 PDF Architect 5 Manager;PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [2017-05-16 985848]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Synology Drive VSS Service;Synology Drive VSS Service; C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe [2018-09-03 247320]
R2 TeamViewer;TeamViewer 13; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2020-07-13 11481104]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-10-31 7522208]
R3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2018-02-15 4848832]
S2 avast;Služba Avast Browser Update (avast); C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2020-10-31 194200]
S2 ccleaner;Služba CCleaner Browser Update (ccleaner); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-10-31 200928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-31 224152]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-07 153168]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2020-11-12 335416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 avastm;Služba Avast Browser Update (avastm); C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2020-10-31 194200]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe [2020-11-02 1136920]
S3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service; C:\Program Files\CCleaner Browser\Application\86.0.6404.78\elevation_service.exe [2020-10-14 1136920]
S3 ccleanerm;Služba CCleaner Browser Update (ccleanerm); C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-10-31 200928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2015-06-01 290224]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-31 224152]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\86.0.4240.193\elevation_service.exe [2020-11-08 1123312]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2017-06-07 153168]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 104960]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-10-31 2541248]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files\Microsoft\Edge\Application\86.0.622.63\elevation_service.exe [2020-11-04 1360272]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2020-03-28 223432]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PDF Architect 5 CrashHandler;PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [2017-07-05 982200]
S3 PDF Architect 5;PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2017-07-05 2470576]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-28 47960]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check

#6 Post by Diallix »

What do you mean, empty?

After the scan, two windows will pop up; copy their contents here, those are what I need.

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Re: Preventive check

#7 Post by Kowy »

That's just it, there is nothing in those windows :-)
Attachments
FRST.jpg (33.39 KiB) Viewed 1395 times

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check

#8 Post by Diallix »

Do you have sufficient permissions? Which folder are you running the program from?

Try running it from the Desktop with administrator privileges.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Re: Preventive check

#9 Post by Kowy »

It works now. I had been using "Run as administrator"; only once I ran it normally did it work :)


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\Run: [SafeInCloud] => C:\Program Files\Safe In Cloud\SafeInCloud.exe [2337792 2019-02-13] () [File not signed]
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: {c96bcce9-2750-11e8-abfd-7845c4106ea3} - E:\SETUP.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-07-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp093.DLL [281600 2009-10-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp108.DLL [306688 2011-04-13] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [18944 2003-06-19] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\Windows\system32\mdimon.dll [17920 2003-06-19] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [97792 2017-10-18] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [29696 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-09-11] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\Installer\chrmstp.exe [2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022A1EEA-0DDC-4E60-9D79-D6FD8675F934} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1926680 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
Task: {133049FE-C85A-46A0-A256-3736E0D3DAF6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {1F7B2C70-01D9-4F6E-87C7-8BF8E734D580} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {314B608D-4025-4427-9EE0-5373931F61B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {3DBB05C0-852D-4FA6-9E03-F38E45B1AE19} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
Task: {43E9DB6E-3B0D-4811-9BC5-D93EC3E14534} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-12] (Adobe Inc. -> Adobe)
Task: {46CA06CC-F3B7-449B-8EC5-DDEA2B7432F5} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {5D05B4B9-3033-4DB9-8675-2A916D8A6B79} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {78EB2030-F45B-4058-9D65-E8E2644ECCAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {83ABEA7F-9ECC-461E-A433-B648BA68B000} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1926680 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
Task: {83DA379F-D10B-4940-89F9-16D269A47D06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8D35B152-44F3-484A-B9B5-B36C8CFA1122} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
Task: {92161CA9-2C4A-4FAD-BE28-AB0AD208E84B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {997EE4EE-820F-42F9-B3B2-D7F10530CE27} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {9FE5C054-BE19-4DC5-8F20-ACF1BCE8962F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1499240 2020-10-31] (Avast Software s.r.o. -> Avast Software)
Task: {A65671B7-7928-41D0-A55F-2802B6C4BB98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {AF2697DE-D33D-43FB-B7A7-E3F999760379} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {B0C41C40-AB93-4D28-BE42-E64DB1E038AF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-12] (Adobe Inc. -> Adobe)
Task: {BCF50786-B9AD-4566-BA41-E8EE19525B84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107368 2016-12-21] (HP Inc. -> HP Inc.)
Task: {D7DCBF69-828D-45BC-AB8F-850CBA899628} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E2DCA6AA-74AF-49B2-89FD-CAD9942B7416} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {FD929B77-72A8-4280-9077-992E205B9963} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77119A74-DD67-4A64-88AB-F09A043C43BF}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-12]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF DefaultProfile: 3qzsf14o.default-1496819535780
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780 [2020-11-13]
FF Extension: (SafeInCloud Password Manager) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780\Extensions\info@safe-in-cloud.com.xpi [2020-03-26]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-12] (Adobe Inc. -> )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-10-31] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-10-31] (Piriform Software Ltd -> Piriform Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2020-11-13]
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-07]
CHR Extension: (Adobe Acrobat) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-31]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (SafeInCloud Password Manager) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchdigjbcmdgcfeijpfkpadacbijihjl [2020-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-24]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-12]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-12] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe [1136920 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4848832 2018-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2002480 2017-02-24] (ESET, spol. s r.o. -> ESET)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation -> Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2470576 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [982200 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [780984 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Synology Drive VSS Service; C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe [247320 2018-09-03] (Synology Inc. -> ) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11481104 2020-07-13] (TeamViewer Germany GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-10-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2018-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [40504 2018-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [215336 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [160736 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [121224 2017-02-09] (ESET, spol. s r.o. -> ESET)
U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [86952 2017-02-09] (ESET, spol. s r.o. -> ESET)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-13 19:22 - 2020-11-13 19:23 - 000020204 _____ C:\Users\PC\Desktop\FRST.txt
2020-11-13 18:54 - 2020-11-13 18:54 - 000000000 ____D C:\Windows\pss
2020-11-13 18:50 - 2020-11-13 18:51 - 028438545 _____ C:\Users\PC\Downloads\ccsetup574.zip
2020-11-13 18:40 - 2020-11-13 18:40 - 000000000 _____ C:\Users\PC\Desktop\Addition.txt
2020-11-12 19:38 - 2020-11-13 19:22 - 000000000 ____D C:\FRST
2020-11-12 19:37 - 2020-11-12 19:37 - 002012160 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2020-11-12 19:37 - 2020-11-12 19:37 - 002012160 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2020-11-12 19:01 - 2020-11-12 19:06 - 000000000 ____D C:\AdwCleaner
2020-11-12 18:59 - 2020-11-12 18:59 - 008447152 _____ (Malwarebytes) C:\Users\PC\Downloads\adwcleaner_8.0.8.exe
2020-11-12 18:59 - 2020-11-12 18:59 - 008447152 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_8.0.8.exe
2020-11-12 18:43 - 2020-11-12 20:34 - 000000000 ____D C:\Program Files\trend micro
2020-11-12 18:43 - 2020-11-12 18:45 - 000000000 ____D C:\rsit
2020-11-12 18:43 - 2020-11-12 18:43 - 001107968 _____ C:\Users\PC\Desktop\RSIT (1).exe
2020-11-12 18:42 - 2020-11-12 18:42 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
2020-11-12 17:39 - 2020-11-12 17:39 - 030469496 _____ (Piriform Software Ltd) C:\Users\PC\Downloads\ccsetup574.exe
2020-10-31 15:22 - 2020-11-07 10:47 - 000000000 ____D C:\Users\PC\AppData\Roaming\DidaktaCZ
2020-10-31 15:22 - 2020-10-31 15:22 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000002069 _____ C:\Users\Public\Desktop\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000002069 _____ C:\ProgramData\Desktop\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000000000 ____D C:\Program Files\DidaktaCZ
2020-10-31 15:21 - 2020-10-31 15:21 - 058698429 _____ C:\Users\PC\Downloads\DidaktaCZ-Setup-1.0.0.zip
2020-10-31 12:57 - 2020-11-13 03:40 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-31 12:57 - 2020-11-13 03:40 - 000002126 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-31 12:57 - 2020-11-13 03:40 - 000002126 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-31 12:56 - 2020-11-07 20:45 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-31 12:56 - 2020-11-07 20:45 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-31 11:48 - 2020-10-31 11:59 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-31 11:48 - 2020-10-31 11:46 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-31 11:48 - 2020-10-31 11:46 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-31 11:48 - 2020-10-31 11:45 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-31 11:46 - 2020-10-31 11:46 - 000036104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-10-31 11:42 - 2020-10-31 11:42 - 029853224 _____ (Piriform Software Ltd) C:\Users\PC\Downloads\ccsetup573.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-13 18:57 - 2020-03-26 23:19 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2020-11-13 18:57 - 2009-07-14 05:34 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-13 18:57 - 2009-07-14 05:34 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-13 18:52 - 2020-03-28 19:54 - 000000000 ____D C:\Users\PC\Instal
2020-11-13 18:44 - 2017-12-22 07:55 - 000000000 ____D C:\Users\PC\AppData\Local\SafeInCloud
2020-11-13 18:42 - 2019-06-03 15:35 - 000000000 ____D C:\Program Files\CCleaner
2020-11-13 18:41 - 2017-03-29 08:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-11-13 18:28 - 2020-03-26 23:13 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-13 18:28 - 2018-12-17 14:08 - 000000000 ___RD C:\Users\PC\Documents\SynologyDrive
2020-11-13 18:28 - 2018-12-17 14:06 - 000000000 ____D C:\Users\PC\AppData\Local\SynologyDrive
2020-11-13 18:27 - 2020-03-26 23:12 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-13 18:27 - 2016-07-29 14:47 - 000000000 ____D C:\Users\PC
2020-11-13 18:25 - 2017-05-26 13:07 - 000000000 ____D C:\Program Files\TeamViewer
2020-11-13 18:24 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-12 23:09 - 2020-03-31 16:45 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-12 23:09 - 2020-03-31 16:45 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:45 - 000002225 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:45 - 000002225 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:43 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-12 19:06 - 2017-03-29 09:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\Hewlett-Packard
2020-11-12 19:06 - 2017-03-29 08:01 - 000000000 ____D C:\Users\PC\AppData\Local\Hewlett-Packard
2020-11-12 19:06 - 2017-03-29 07:59 - 000000000 ____D C:\Program Files\Hewlett-Packard
2020-11-12 18:28 - 2020-03-26 23:19 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-11-12 18:28 - 2020-03-26 23:19 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-11-12 18:28 - 2020-03-26 23:19 - 000002332 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-11-12 18:28 - 2020-03-26 23:19 - 000002332 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-12 17:57 - 2016-07-29 16:44 - 000000000 ____D C:\Windows\system32\MRT
2020-11-12 17:53 - 2016-07-29 16:44 - 131089152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-12 17:47 - 2018-07-13 19:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MÚZO Praha s.r.o
2020-11-12 17:47 - 2016-08-02 13:18 - 000000000 ____D C:\Users\PC\AppData\Local\Deployment
2020-11-12 17:41 - 2019-06-03 15:35 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-12 17:41 - 2019-06-03 15:35 - 000000961 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-12 17:41 - 2019-06-03 15:35 - 000000961 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-12 17:37 - 2018-03-15 09:37 - 000004516 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-12 17:37 - 2017-05-18 13:33 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-11-12 17:37 - 2017-04-17 13:03 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-12 17:37 - 2017-04-11 19:10 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-11-12 17:37 - 2017-04-11 19:10 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-11-12 17:37 - 2017-04-11 19:10 - 000000000 ____D C:\Windows\system32\Macromed
2020-11-07 20:45 - 2020-03-31 16:45 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-07 20:45 - 2020-03-31 16:44 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-07 20:45 - 2020-03-31 16:44 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-07 20:45 - 2019-06-03 15:35 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-07 20:45 - 2017-06-07 08:41 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-07 20:45 - 2017-06-07 08:41 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-07 20:45 - 2017-03-31 07:44 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-07 16:34 - 2020-03-26 23:13 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-11-07 11:14 - 2016-07-29 23:32 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-11-07 11:14 - 2016-07-29 23:32 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-11-07 11:14 - 2016-07-29 13:42 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-07 11:14 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-31 11:59 - 2019-01-27 06:38 - 000000000 ____D C:\Windows\Minidump
2020-10-31 11:58 - 2020-03-26 23:19 - 000003414 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2020-10-31 11:58 - 2020-03-26 23:19 - 000003286 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2020-10-31 11:57 - 2018-07-02 13:50 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2020-10-31 11:57 - 2018-07-02 13:50 - 000000917 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2020-10-31 11:57 - 2018-07-02 13:50 - 000000917 _____ C:\ProgramData\Desktop\TeamViewer 13.lnk
2020-10-31 11:46 - 2020-03-26 23:13 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

==================== Files in the root of some directories ========

2016-08-01 16:02 - 2016-08-01 16:02 - 000007627 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-11-13 00:38
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-11-2020
Ran by PC (13-11-2020 19:23:50)
Running from C:\Users\PC\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2016-07-29 13:47:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-656636110-7618775-4091062772-500 - Administrator - Disabled)
Guest (S-1-5-21-656636110-7618775-4091062772-501 - Limited - Disabled)
PC (S-1-5-21-656636110-7618775-4091062772-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{D7EC8A27-CDA2-46AE-8A26-4104A04FA5BE}) (Version: 8.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
AnyMP4 DVD Ripper 7.2.30 (HKLM\...\{991684FE-29A2-4b20-8CD5-FFD2275FD2CD}_is1) (Version: 7.2.30 - AnyMP4 Studio)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
Avast Secure Browser (HKLM\...\Avast Secure Browser) (Version: 86.1.6738.112 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.74 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 86.1.6738.114 - Autoři prohlížeče CCleaner Browser)
Cobian Backup 11 Gravity (HKLM\...\CobBackup11) (Version: - )
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.3.0.0717 - Disc Soft Ltd)
DataNumen Word Repair v2.5 (HKLM\...\DataNumen Word Repair v2.5) (Version: - )
Dell System Detect (HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\58d94f3ce2c27db0) (Version: 7.6.0.17 - Dell)
DidaktaCZ 1.0.0 (HKLM\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
FreeFileSync 9.8 (HKLM\...\FreeFileSync_is1) (Version: 9.8 - FreeFileSync.org)
Google Chrome (HKLM\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
High Quality Photo Resizer 5.02 (HKLM\...\High Quality Photo Resizer_is1) (Version: - Naturpic Software)
HP Support Solutions Framework (HKLM\...\{83D9E6C0-5F20-49B4-9ACF-80A24A1A045D}) (Version: 12.5.32.203 - HP Inc.)
hppQFolderCM1312 (HKLM\...\{583EDB12-4CEA-48B5-A7BA-88069DD47BA2}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
LiveUpdate 3.2 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.2.0.26 - Symantec Corporation)
Manager (HKLM\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 86.0.622.68 - Microsoft Corporation)
Microsoft Edge Update (HKLM\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Office Standard Edition 2003 (HKLM\...\{90120405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 74.0 (x86 cs) (HKLM\...\Mozilla Firefox 74.0 (x86 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.1.3 (HKLM\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
PDF Architect 5 Create Module (HKLM\...\{195F60E3-5445-4DDA-8A65-C1A221E1D6FA}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{1EC3144E-90D5-4936-8292-E8C5152ADF77}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{BD9CE601-084F-49A2-9E13-F0BF6AD7FEEB}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Převodník VN (HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\7aababc7ae06e4b7) (Version: 1.0.3.2 - MÚZO Praha s.r.o.)
SafeInCloud Password Manager (HKLM\...\{8CAE5539-82E6-4309-A390-70BBB8A22B1F}) (Version: 19.0.2 - Andrey Shcherbakov)
Software602 Form Filler (HKLM\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Synology Drive (HKLM\...\{DB16BADF-E4EA-416D-AAB8-5E4882FCCABC}) (Version: 5.1.2.10562 - Synology)
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.2.36220 - TeamViewer)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-656636110-7618775-4091062772-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll [2018-12-17] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll [2018-12-17] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll [2018-12-17] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll [2018-12-17] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll [2018-12-17] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl32.dll [2018-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl32.dll [2018-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1_S-1-5-21-656636110-7618775-4091062772-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\ContextMenu.dll [2018-12-17] () [File not signed]
ContextMenuHandlers6_S-1-5-21-656636110-7618775-4091062772-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\ContextMenu.dll [2018-12-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-17 14:06 - 2018-12-17 14:06 - 021565192 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icudt53.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 003095505 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuin53.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 001798570 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuuc53.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000031744 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qgif.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000046080 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qicns.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000032768 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qico.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000516608 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjp2.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000243200 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjpeg.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000431616 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qtiff.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000596986 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libcurl-4.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000123918 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libgcc_s_dw2-1.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 003036430 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libsqlite3-0.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 001026062 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libstdc++-6.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000712704 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\platforms\qwindows.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000374272 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\synocat-qt.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000120334 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\zlib1.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 001024512 _____ () [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\ContextMenu.dll
2020-03-24 22:57 - 2020-03-24 22:57 - 003806208 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\DiscSoft.NET.Common\9d627d954ad533060fa817be16c5bbab\DiscSoft.NET.Common.ni.dll
2020-03-24 22:58 - 2020-03-24 22:58 - 002503680 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\DotNetCommon\7b789a3af4e697df30d70b57654d0fa4\DotNetCommon.ni.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000028672 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Concurrent.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 004855296 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Core.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 004083712 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Gui.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 001537536 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Network.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 006338560 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Widgets.dll
2009-09-16 17:37 - 2009-09-16 17:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hptcpmib.dll
2009-09-16 17:38 - 2009-09-16 17:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\HpTcpMon.dll
2006-10-03 09:55 - 2006-10-03 09:55 - 000139264 _____ (Hewlett Packard) [File not signed] C:\Windows\System32\hpzjrd01.dll
2017-03-29 08:24 - 2009-10-14 12:13 - 000281600 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\hpcpp093.DLL
2017-04-26 13:49 - 2011-04-13 12:08 - 000306688 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\hpcpp108.DLL
2010-08-06 10:13 - 2010-08-06 10:13 - 000044032 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:13 - 2010-08-06 10:13 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2018-02-12 10:27 - 2013-03-07 23:07 - 000009728 _____ (Luis Cobian) [File not signed] C:\Program Files\Cobian Backup 11\CobStringList.dll
2018-02-12 10:27 - 2013-03-07 23:27 - 002684928 _____ (Luis Cobian, CobianSoft) [File not signed] C:\Program Files\Cobian Backup 11\cbEngine.dll
2009-09-16 17:40 - 2009-09-16 17:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HPTcpMUI.dll
2017-11-06 10:25 - 2003-06-19 01:31 - 000017920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mdimon.dll
2017-11-06 10:25 - 2003-06-19 01:31 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\MSVCP140.dll
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\ucrtbase.DLL
2020-11-13 18:28 - 2020-11-13 18:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\20111302\avast.local_vc142.crt\VCRUNTIME140.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libwinpthread-1.dll
2017-10-18 08:21 - 2017-10-18 08:21 - 000097792 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 002520650 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\LIBEAY32.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 000571131 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\SSLEAY32.dll
2018-12-17 14:06 - 2018-12-17 14:06 - 002531840 _____ (TODO: <Company name>) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\20\x86\iconOverlay.dll
2015-07-14 10:02 - 2015-07-14 10:02 - 000029696 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\Windows\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files\PDF Architect 5\creator-ie-helper.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\dell.com -> dell.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2010-04-30 14:56 - 000001798 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-656636110-7618775-4091062772-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Synology Drive.lnk => C:\Windows\pss\Synology Drive.lnk.Startup
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Cobian Backup 11 interface => "C:\Program Files\Cobian Backup 11\cbInterface.exe" -service
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5953388D-3565-4D00-8D6A-3E81A1F1EA2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{228958DF-5558-4B86-830F-E05F79C4024A}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2ACD1DBB-BBD9-4CC5-966A-AC86D40290BE}] => (Allow) C:\Program Files\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{B1BA4D71-CDD9-461F-9F22-3CAF0E4AC41B}] => (Allow) C:\Program Files\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [TCP Query User{7AEF5C23-397B-4BA5-8E17-A390286E225B}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{D441D8A5-B19B-49E3-9498-9AFD8DE29EF1}C:\users\pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\pc\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{5BA395E5-ED4F-494C-B5A9-1002F28BEBC6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer GmbH)
FirewallRules: [{3E12DFAC-8299-4047-AE62-3F6AAF68F134}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer GmbH)
FirewallRules: [{F1D41AEC-CFBF-45FC-AFCF-51E24FFE5DC0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer GmbH)
FirewallRules: [{F9C86A2E-7DFD-4ACA-9057-DE438A36A42F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer GmbH)
FirewallRules: [{5CC5AF3D-55B3-48ED-BBAA-9F0D6F96A277}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BF79DA81-C0D4-4D35-AF55-D4706D856B06}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4D9E67D5-9ADF-4BD9-BCBD-5E148045139D}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

31-10-2020 12:22:14 Windows Update
07-11-2020 12:43:56 Naplánovaný kontrolní bod
12-11-2020 17:52:03 Windows Update
12-11-2020 19:06:10 AdwCleaner_BeforeCleaning_12/11/2020_19:06:06

==================== Faulty Device Manager Devices ============

Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/13/2020 07:03:42 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 06:37:05 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 07:03:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 06:03:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 05:03:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 04:03:32 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 03:03:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (11/13/2020 02:03:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: CCleaner Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (11/13/2020 06:25:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (11/13/2020 06:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2020 07:36:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/12/2020 08:08:40 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (11/12/2020 08:08:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/12/2020 07:09:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (11/12/2020 07:09:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/12/2020 07:06:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect 5 Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: Dell Inc. A09 07/24/2012
Motherboard: Dell Inc. 0F6X5P
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 82%
Total physical RAM: 3241.06 MB
Available physical RAM: 556.31 MB
Total Virtual: 6480.49 MB
Available Virtual: 2320.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:136.85 GB) NTFS

\\?\Volume{b4f84fc4-5588-11e6-8f49-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B745BB90)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Preventive check

#10 Post by Diallix »

Great.

FRST is not complete, the header of the file with the processes is missing.
My new book BOTNETY has been published! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor for research into intelligent malware.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

Kowy
Visitor
Posts: 42
Registered: 19 Nov 2006 17:07

Re: Preventive check

#11 Post by Kowy »

New FRST, complete :-)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-11-2020
Ran by PC (administrator) on PC-PC (Dell Inc. OptiPlex 390) (13-11-2020 19:41:13)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Safe In Cloud\SafeInCloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(CobianSoft, Luis Cobian) [File not signed] C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [File not signed] C:\Program Files\Cobian Backup 11\cbService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Synology Inc. -> ) [File not signed] C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe
(Synology Inc. -> Synology Inc.) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
(Synology Inc. -> Synology Inc.) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
(Synology Inc. -> Synology Inc.) [File not signed] C:\Users\PC\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
(TeamViewer Germany GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [98408 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\Run: [SafeInCloud] => C:\Program Files\Safe In Cloud\SafeInCloud.exe [2337792 2019-02-13] () [File not signed]
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: {c96bcce9-2750-11e8-abfd-7845c4106ea3} - E:\SETUP.EXE
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-07-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows NT x86\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp093.DLL [281600 2009-10-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp108.DLL [306688 2011-04-13] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\ModiPrint: C:\Windows\System32\spool\prtprocs\W32X86\mdippr.dll [18944 2003-06-19] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\Windows\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\Microsoft Document Imaging Writer Monitor: C:\Windows\system32\mdimon.dll [17920 2003-06-19] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [97792 2017-10-18] (pdfforge GmbH) [File not signed]
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [29696 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\86.1.6738.114\Installer\chrmstp.exe [2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-09-11] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\Installer\chrmstp.exe [2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {022A1EEA-0DDC-4E60-9D79-D6FD8675F934} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1926680 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
Task: {133049FE-C85A-46A0-A256-3736E0D3DAF6} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3918440 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {1F7B2C70-01D9-4F6E-87C7-8BF8E734D580} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {314B608D-4025-4427-9EE0-5373931F61B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {3DBB05C0-852D-4FA6-9E03-F38E45B1AE19} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
Task: {43E9DB6E-3B0D-4811-9BC5-D93EC3E14534} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-12] (Adobe Inc. -> Adobe)
Task: {46CA06CC-F3B7-449B-8EC5-DDEA2B7432F5} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1946312 2020-11-02] (Piriform Software Ltd -> Piriform Software)
Task: {5D05B4B9-3033-4DB9-8675-2A916D8A6B79} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {78EB2030-F45B-4058-9D65-E8E2644ECCAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {83ABEA7F-9ECC-461E-A433-B648BA68B000} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [1926680 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
Task: {83DA379F-D10B-4940-89F9-16D269A47D06} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8D35B152-44F3-484A-B9B5-B36C8CFA1122} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
Task: {92161CA9-2C4A-4FAD-BE28-AB0AD208E84B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {997EE4EE-820F-42F9-B3B2-D7F10530CE27} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
Task: {9FE5C054-BE19-4DC5-8F20-ACF1BCE8962F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1499240 2020-10-31] (Avast Software s.r.o. -> Avast Software)
Task: {A65671B7-7928-41D0-A55F-2802B6C4BB98} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {AF2697DE-D33D-43FB-B7A7-E3F999760379} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {B0C41C40-AB93-4D28-BE42-E64DB1E038AF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-12] (Adobe Inc. -> Adobe)
Task: {BCF50786-B9AD-4566-BA41-E8EE19525B84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107368 2016-12-21] (HP Inc. -> HP Inc.)
Task: {D7DCBF69-828D-45BC-AB8F-850CBA899628} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E2DCA6AA-74AF-49B2-89FD-CAD9942B7416} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {FD929B77-72A8-4280-9077-992E205B9963} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26781880 2020-11-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77119A74-DD67-4A64-88AB-F09A043C43BF}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-12]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF DefaultProfile: 3qzsf14o.default-1496819535780
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780 [2020-11-13]
FF Extension: (SafeInCloud Password Manager) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780\Extensions\info@safe-in-cloud.com.xpi [2020-03-26]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\3qzsf14o.default-1496819535780\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-12] (Adobe Inc. -> )
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-10-31] (Piriform Software Ltd -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-10-31] (Piriform Software Ltd -> Piriform Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2020-11-13]
CHR Extension: (Prezentace) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-07]
CHR Extension: (Adobe Acrobat) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-10-31]
CHR Extension: (Tabulky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (SafeInCloud Password Manager) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lchdigjbcmdgcfeijpfkpadacbijihjl [2020-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-24]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-12]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-12] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7522208 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [332344 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\86.1.6738.112\elevation_service.exe [1136920 2020-11-02] (Avast Software s.r.o. -> AVAST Software)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\86.1.6738.114\elevation_service.exe [1136920 2020-11-02] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-10-31] (Piriform Software Ltd -> Piriform Software)
R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2015-06-01] (Intel Corporation - pGFX -> Intel Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4848832 2018-02-15] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\ekrn.exe [2002480 2017-02-24] (ESET, spol. s r.o. -> ESET)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE [2541248 2006-10-31] (Symantec Corporation -> Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2470576 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [982200 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [780984 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Synology Drive VSS Service; C:\Program Files\Synology\SynologyDrive\bin\vss-service.exe [247320 2018-09-03] (Synology Inc. -> ) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11481104 2020-07-13] (TeamViewer Germany GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35040 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175776 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [189520 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [154696 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [55888 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40736 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147712 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [375192 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-10-31] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [94192 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72840 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691064 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [396616 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163312 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277960 2020-10-31] (Avast Software s.r.o. -> AVAST Software)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [26168 2018-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [40504 2018-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [215336 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [160736 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [121224 2017-02-09] (ESET, spol. s r.o. -> ESET)
U1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [52680 2017-02-09] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [86952 2017-02-09] (ESET, spol. s r.o. -> ESET)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam.sys [20256 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-13 19:22 - 2020-11-13 19:42 - 000024251 _____ C:\Users\PC\Desktop\FRST.txt
2020-11-13 18:54 - 2020-11-13 18:54 - 000000000 ____D C:\Windows\pss
2020-11-13 18:50 - 2020-11-13 18:51 - 028438545 _____ C:\Users\PC\Downloads\ccsetup574.zip
2020-11-13 18:40 - 2020-11-13 19:25 - 000033322 _____ C:\Users\PC\Desktop\Addition.txt
2020-11-12 19:38 - 2020-11-13 19:41 - 000000000 ____D C:\FRST
2020-11-12 19:37 - 2020-11-12 19:37 - 002012160 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2020-11-12 19:37 - 2020-11-12 19:37 - 002012160 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2020-11-12 19:01 - 2020-11-12 19:06 - 000000000 ____D C:\AdwCleaner
2020-11-12 18:59 - 2020-11-12 18:59 - 008447152 _____ (Malwarebytes) C:\Users\PC\Downloads\adwcleaner_8.0.8.exe
2020-11-12 18:59 - 2020-11-12 18:59 - 008447152 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_8.0.8.exe
2020-11-12 18:43 - 2020-11-12 20:34 - 000000000 ____D C:\Program Files\trend micro
2020-11-12 18:43 - 2020-11-12 18:45 - 000000000 ____D C:\rsit
2020-11-12 18:43 - 2020-11-12 18:43 - 001107968 _____ C:\Users\PC\Desktop\RSIT (1).exe
2020-11-12 18:42 - 2020-11-12 18:42 - 001107968 _____ C:\Users\PC\Downloads\RSIT.exe
2020-11-12 17:39 - 2020-11-12 17:39 - 030469496 _____ (Piriform Software Ltd) C:\Users\PC\Downloads\ccsetup574.exe
2020-10-31 15:22 - 2020-11-07 10:47 - 000000000 ____D C:\Users\PC\AppData\Roaming\DidaktaCZ
2020-10-31 15:22 - 2020-10-31 15:22 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000002069 _____ C:\Users\Public\Desktop\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000002069 _____ C:\ProgramData\Desktop\DidaktaCZ.lnk
2020-10-31 15:22 - 2020-10-31 15:22 - 000000000 ____D C:\Program Files\DidaktaCZ
2020-10-31 15:21 - 2020-10-31 15:21 - 058698429 _____ C:\Users\PC\Downloads\DidaktaCZ-Setup-1.0.0.zip
2020-10-31 12:57 - 2020-11-13 03:40 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-31 12:57 - 2020-11-13 03:40 - 000002126 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-31 12:57 - 2020-11-13 03:40 - 000002126 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-31 12:56 - 2020-11-07 20:45 - 000003472 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-31 12:56 - 2020-11-07 20:45 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-31 11:48 - 2020-10-31 11:59 - 000375192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-10-31 11:48 - 2020-10-31 11:46 - 000163312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-10-31 11:48 - 2020-10-31 11:46 - 000147712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-10-31 11:48 - 2020-10-31 11:45 - 000285280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-10-31 11:46 - 2020-10-31 11:46 - 000036104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-10-31 11:42 - 2020-10-31 11:42 - 029853224 _____ (Piriform Software Ltd) C:\Users\PC\Downloads\ccsetup573.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-13 18:57 - 2020-03-26 23:19 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2020-11-13 18:57 - 2009-07-14 05:34 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-13 18:57 - 2009-07-14 05:34 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-13 18:52 - 2020-03-28 19:54 - 000000000 ____D C:\Users\PC\Instal
2020-11-13 18:44 - 2017-12-22 07:55 - 000000000 ____D C:\Users\PC\AppData\Local\SafeInCloud
2020-11-13 18:42 - 2019-06-03 15:35 - 000000000 ____D C:\Program Files\CCleaner
2020-11-13 18:41 - 2017-03-29 08:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-11-13 18:28 - 2020-03-26 23:13 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-11-13 18:28 - 2018-12-17 14:08 - 000000000 ___RD C:\Users\PC\Documents\SynologyDrive
2020-11-13 18:28 - 2018-12-17 14:06 - 000000000 ____D C:\Users\PC\AppData\Local\SynologyDrive
2020-11-13 18:27 - 2020-03-26 23:12 - 000000000 ____D C:\ProgramData\AVAST Software
2020-11-13 18:27 - 2016-07-29 14:47 - 000000000 ____D C:\Users\PC
2020-11-13 18:25 - 2017-05-26 13:07 - 000000000 ____D C:\Program Files\TeamViewer
2020-11-13 18:24 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-12 23:09 - 2020-03-31 16:45 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-11-12 23:09 - 2020-03-31 16:45 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:45 - 000002225 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:45 - 000002225 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2020-11-12 23:09 - 2020-03-31 16:43 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-11-12 19:06 - 2017-03-29 09:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\Hewlett-Packard
2020-11-12 19:06 - 2017-03-29 08:01 - 000000000 ____D C:\Users\PC\AppData\Local\Hewlett-Packard
2020-11-12 19:06 - 2017-03-29 07:59 - 000000000 ____D C:\Program Files\Hewlett-Packard
2020-11-12 18:28 - 2020-03-26 23:19 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-11-12 18:28 - 2020-03-26 23:19 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-11-12 18:28 - 2020-03-26 23:19 - 000002332 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-11-12 18:28 - 2020-03-26 23:19 - 000002332 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-12 18:23 - 2017-06-07 08:42 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-12 17:57 - 2016-07-29 16:44 - 000000000 ____D C:\Windows\system32\MRT
2020-11-12 17:53 - 2016-07-29 16:44 - 131089152 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-11-12 17:47 - 2018-07-13 19:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MÚZO Praha s.r.o
2020-11-12 17:47 - 2016-08-02 13:18 - 000000000 ____D C:\Users\PC\AppData\Local\Deployment
2020-11-12 17:41 - 2019-06-03 15:35 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-12 17:41 - 2019-06-03 15:35 - 000000961 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-11-12 17:41 - 2019-06-03 15:35 - 000000961 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-11-12 17:37 - 2018-03-15 09:37 - 000004516 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-12 17:37 - 2017-05-18 13:33 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-11-12 17:37 - 2017-04-17 13:03 - 000002029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-12 17:37 - 2017-04-11 19:10 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-11-12 17:37 - 2017-04-11 19:10 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-11-12 17:37 - 2017-04-11 19:10 - 000000000 ____D C:\Windows\system32\Macromed
2020-11-07 20:45 - 2020-03-31 16:45 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-11-07 20:45 - 2020-03-31 16:44 - 000003426 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-11-07 20:45 - 2020-03-31 16:44 - 000003298 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-11-07 20:45 - 2019-06-03 15:35 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-11-07 20:45 - 2017-06-07 08:41 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-07 20:45 - 2017-06-07 08:41 - 000003246 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-07 20:45 - 2017-03-31 07:44 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-07 16:34 - 2020-03-26 23:13 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-11-07 11:14 - 2016-07-29 23:32 - 000668542 _____ C:\Windows\system32\perfh005.dat
2020-11-07 11:14 - 2016-07-29 23:32 - 000141202 _____ C:\Windows\system32\perfc005.dat
2020-11-07 11:14 - 2016-07-29 13:42 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-07 11:14 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-10-31 11:59 - 2019-01-27 06:38 - 000000000 ____D C:\Windows\Minidump
2020-10-31 11:58 - 2020-03-26 23:19 - 000003414 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2020-10-31 11:58 - 2020-03-26 23:19 - 000003286 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2020-10-31 11:57 - 2018-07-02 13:50 - 000000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2020-10-31 11:57 - 2018-07-02 13:50 - 000000917 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2020-10-31 11:57 - 2018-07-02 13:50 - 000000917 _____ C:\ProgramData\Desktop\TeamViewer 13.lnk
2020-10-31 11:46 - 2020-03-26 23:13 - 000396616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000277960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000154696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000094192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000072840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000055888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-10-31 11:46 - 2020-03-26 23:13 - 000040736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000691064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000189520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000175776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-10-31 11:44 - 2020-03-26 23:13 - 000035040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys

==================== Files in the root of some directories ========

2016-08-01 16:02 - 2016-08-01 16:02 - 000007627 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-11-13 00:38
==================== End of FRST.txt ========================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#12 Post by Diallix »

You have Avast and ESET installed. Uninstall one of the AVs.

Copy the content below into Notepad:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: {c96bcce9-2750-11e8-abfd-7845c4106ea3} - E:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {314B608D-4025-4427-9EE0-5373931F61B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {92161CA9-2C4A-4FAD-BE28-AB0AD208E84B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)

EmptyTemp:
Hosts:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A routine will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Kowy
Visitor
Posts: 42
Joined: 19 Nov 2006 17:07

Re: Preventive check

#13 Post by Kowy »

ESET just wouldn't uninstall the normal way for me, but I managed it manually using esetuninstaller.


Fix result of Farbar Recovery Scan Tool (x86) Version: 11-11-2020
Ran by PC (14-11-2020 10:48:14) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: E - E:\SETUP.EXE
HKU\S-1-5-21-656636110-7618775-4091062772-1000\...\MountPoints2: {c96bcce9-2750-11e8-abfd-7845c4106ea3} - E:\SETUP.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {314B608D-4025-4427-9EE0-5373931F61B3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)
Task: {92161CA9-2C4A-4FAD-BE28-AB0AD208E84B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-07] (Google Inc -> Google Inc.)

EmptyTemp:
Hosts:

*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-656636110-7618775-4091062772-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-656636110-7618775-4091062772-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c96bcce9-2750-11e8-abfd-7845c4106ea3} => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{314B608D-4025-4427-9EE0-5373931F61B3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{314B608D-4025-4427-9EE0-5373931F61B3}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92161CA9-2C4A-4FAD-BE28-AB0AD208E84B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92161CA9-2C4A-4FAD-BE28-AB0AD208E84B}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4209951 B
Java, Flash, Steam htmlcache => 410 B
Windows/system/drivers => 564805705 B
Edge => 0 B
Chrome => 117475068 B
Firefox => 9947617 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 29658997 B
LocalService => 31345414 B
NetworkService => 31345414 B
PC => 70433005 B

RecycleBin => 2779 B
EmptyTemp: => 827.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:50:04 ====

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Preventive check

#14 Post by Diallix »

How is the computer doing?

Kowy
Visitor
Posts: 42
Joined: 19 Nov 2006 17:07

Re: Preventive check

#15 Post by Kowy »

So far it looks fine. Thank you.
