Preventívka pomalý ntb

Zpráva

T-Bag · #1 Příspěvek od **T-Bag** » 22 pro 2020 14:06

zdravím, mam strašne pomalý ntb a nemyslím si že má až taký zlý HW. Preinštaloval som windows žiadna zmena tak či neni nahodou niekde inde problem dakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Tibor (administrator) on TIBOR (Acer Aspire E5-573G) (22-12-2020 13:47:07)
Running from C:\Users\Tibor\Downloads
Loaded Profiles: Tibor
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\ASUSService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(FingerPower Digital Technology Ltd. -> ) C:\Users\Tibor\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(LAVASOFT SOFTWARE CANADA INC -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Mega Limited -> Mega Limited) C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Tibor\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGCE.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Ralink Technology, Corp.) [File not signed] C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaRegistry64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Spotify AB -> Spotify Ltd) C:\Users\Tibor\AppData\Roaming\Spotify\Spotify.exe <5>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14049536 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109664 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [Spotify] => C:\Users\Tibor\AppData\Roaming\Spotify\Spotify.exe [23592304 2020-12-22] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8442464 2020-12-12] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [utweb] => "C:\Users\Tibor\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [uTorrent] => "C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [EPSON1D24F2 (Epson Stylus SX420W)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE [224768 2009-09-14] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3421984 2020-12-07] (Valve -> Valve Corporation)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Run: [Opera Browser Assistant] => C:\Users\Tibor\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3152920 2020-11-10] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\MountPoints2: {cd8775a6-ff27-11e4-825f-806e6f6e6963} - "D:\setup.exe"
HKLM\...\Print\Monitors\EPSON SX420W Series 64MonitorBE: C:\WINDOWS\system32\E_ILMGCE.DLL [118784 2008-11-12] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ASUS USB-AC51 WLAN Control Center.lnk [2020-12-22]
ShortcutTarget: ASUS USB-AC51 WLAN Control Center.lnk -> C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaUI.exe (ASUSTeK Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-11-17]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-10-08]
ShortcutTarget: MEGAsync.lnk -> C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17939D27-A36D-4BDF-8340-FA74B4740C1F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {1AC05320-3413-4ACD-A9D4-0A09BD13966F} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2813316739-561623387-2885406294-1001 => C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-12-12] (Mega Limited -> Mega Limited)
Task: {540750B6-30A4-4261-93E8-6E65A40F8A73} - System32\Tasks\Opera scheduled Autoupdate 1602954829 => C:\Users\Tibor\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {639C6B9E-1E7A-4BE9-92F9-ED7157D9C0F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC)
Task: {73FE12DC-AE49-4D26-BFDD-C6DB4511E7C8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4496488 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
Task: {84C939F4-D939-4F2B-B01B-92F2B4E69124} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {A3BCBE96-599B-4827-BC39-8CE690B8583F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {BAFA2E52-2E2B-48AD-B467-AD9DDD0020E3} - System32\Tasks\Opera scheduled assistant Autoupdate 1602954848 => C:\Users\Tibor\AppData\Local\Programs\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Tibor\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C61E8B24-30DF-43FE-A848-2841AD26F90A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-08] (Google LLC -> Google LLC)
Task: {FE82577C-64CC-4550-A27A-CD7443349B65} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-10-08] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.146.132.59 8.8.8.8
Tcpip\..\Interfaces\{38361781-665b-4bac-baa9-7292d430fe54}: [DhcpNameServer] 195.146.132.59 8.8.8.8
Tcpip\..\Interfaces\{7f91a368-a36a-489f-985d-b120411bfc58}: [DhcpNameServer] 195.146.132.59 8.8.8.8

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Tibor\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-21]
Edge Extension: (Outlook) - C:\Users\Tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-15]
Edge Extension: (Word) - C:\Users\Tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-15]
Edge Extension: (Excel) - C:\Users\Tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-15]
Edge Extension: (PowerPoint) - C:\Users\Tibor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-15]

FireFox:
========
FF DefaultProfile: umm8z632.default
FF ProfilePath: C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\umm8z632.default [2020-10-10]
FF NewTab: Mozilla\Firefox\Profiles\umm8z632.default -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-10-10 06:06:17&bName=
FF ProfilePath: C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\8wtweije.default-release [2020-12-22]
FF NewTab: Mozilla\Firefox\Profiles\8wtweije.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-10-10 06:06:17&bName=
FF Session Restore: Mozilla\Firefox\Profiles\8wtweije.default-release -> is enabled.
FF Extension: (Facebook Container) - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\8wtweije.default-release\Extensions\@contain-facebook.xpi [2020-10-29]
FF Extension: (Enhancer for YouTube™) - C:\Users\Tibor\AppData\Roaming\Mozilla\Firefox\Profiles\8wtweije.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2020-10-29]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR Extension: (Rich Hints Agent) - C:\Users\Tibor\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ASUSWireless; C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\ASUSService.exe [184320 2014-03-05] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8450976 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [360408 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [2748520 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 KingoSoftService; C:\Users\Tibor\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [377832 2018-03-08] (FingerPower Digital Technology Ltd. -> )
R2 RalinkRegistryWriter; C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaRegistry64.exe [447488 2014-03-05] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaMediaServer.exe [1863680 2014-03-05] (Ralink) [File not signed]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29280 2020-12-12] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [236112 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195664 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175720 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [518680 2020-11-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [470912 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326928 2020-10-08] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 qcusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [242688 2016-05-18] (Xiaomi Technology Inc -> QUALCOMM Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-22 13:47 - 2020-12-22 13:49 - 000017949 _____ C:\Users\Tibor\Downloads\FRST.txt
2020-12-22 13:46 - 2020-12-22 13:46 - 002286592 _____ (Farbar) C:\Users\Tibor\Downloads\FRST64.exe
2020-12-22 13:39 - 2020-12-22 13:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-22 13:35 - 2020-12-22 13:35 - 000000000 ____D C:\ProgramData\Ralink
2020-12-22 13:34 - 2020-12-22 13:34 - 000002352 _____ C:\Users\Public\Desktop\ASUS USB-AC51 WLAN Control Center.lnk
2020-12-22 13:34 - 2020-12-22 13:34 - 000002352 _____ C:\ProgramData\Desktop\ASUS USB-AC51 WLAN Control Center.lnk
2020-12-22 13:34 - 2020-12-22 13:34 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-12-22 13:34 - 2020-12-22 13:34 - 000000000 ____D C:\WINDOWS\system32\RaLanguages
2020-12-22 13:34 - 2020-12-22 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2020-12-22 13:34 - 2020-12-22 13:34 - 000000000 ____D C:\ProgramData\ASUS Driver
2020-12-22 13:34 - 2020-12-22 13:34 - 000000000 ____D C:\Program Files (x86)\ASUS
2020-12-22 13:34 - 2016-03-17 16:11 - 000180224 _____ C:\WINDOWS\system32\RT0B0517D1.exe
2020-12-22 13:34 - 2016-02-25 14:23 - 000000440 _____ C:\WINDOWS\system32\Drivers\PwrTable7610KR.dat
2020-12-22 13:34 - 2016-02-25 14:08 - 000000440 _____ C:\WINDOWS\system32\Drivers\PwrTable7610CE.dat
2020-12-22 13:34 - 2015-09-21 01:48 - 000079216 _____ C:\WINDOWS\SysWOW64\Drivers\FW_7662.bin
2020-12-22 13:34 - 2015-09-21 01:48 - 000079216 _____ C:\WINDOWS\system32\Drivers\FW_7662.bin
2020-12-22 13:34 - 2015-09-21 01:48 - 000020626 _____ C:\WINDOWS\SysWOW64\Drivers\Patch_7662.bin
2020-12-22 13:34 - 2015-09-21 01:48 - 000020626 _____ C:\WINDOWS\system32\Drivers\Patch_7662.bin
2020-12-22 13:34 - 2015-09-21 01:48 - 000016103 _____ C:\WINDOWS\SysWOW64\RaCoInst.dat
2020-12-22 13:34 - 2015-09-21 01:48 - 000016103 _____ C:\WINDOWS\system32\RaCoInst.dat
2020-12-22 13:34 - 2014-06-10 16:29 - 000000164 _____ C:\WINDOWS\SysWOW64\HWID.ini
2020-12-22 13:34 - 2014-03-05 14:47 - 002403392 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\RaCertMgr.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 001608768 _____ (Ralink Technology, Corp.) C:\WINDOWS\SysWOW64\RaCertMgr.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 001115648 _____ (Ralink Technology, Corp.) C:\WINDOWS\SysWOW64\RAIHV.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 001115648 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\RAIHV.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 000792416 _____ C:\WINDOWS\SysWOW64\DiagFunc.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 000792416 _____ C:\WINDOWS\system32\DiagFunc.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 000127488 _____ (Ralink Technology, Corp.) C:\WINDOWS\SysWOW64\RAEXTUI.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 000127488 _____ (Ralink Technology, Corp.) C:\WINDOWS\system32\RAEXTUI.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 000086880 _____ (Microsoft Corporation) C:\WINDOWS\system32\devcon64.exe
2020-12-22 13:34 - 2014-03-05 14:47 - 000083296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devcon.exe
2020-12-22 13:34 - 2014-03-05 14:47 - 000000451 _____ C:\WINDOWS\SysWOW64\DiagFunc.ini
2020-12-22 13:34 - 2014-03-05 14:47 - 000000451 _____ C:\WINDOWS\system32\DiagFunc.ini
2020-12-22 13:34 - 2014-03-05 14:47 - 000000440 _____ C:\WINDOWS\system32\Drivers\PwrTable7610Other.dat
2020-12-22 13:34 - 2014-03-05 14:47 - 000000440 _____ C:\WINDOWS\system32\Drivers\PwrTable7610FCC.dat
2020-12-21 19:54 - 2020-12-21 19:54 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-21 19:54 - 2020-12-21 19:54 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-21 19:53 - 2020-12-21 19:53 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-21 19:53 - 2020-12-21 19:53 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-21 19:53 - 2020-12-21 19:53 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-21 19:53 - 2020-12-21 19:53 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-21 19:53 - 2020-12-21 19:53 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-21 19:53 - 2020-12-21 19:53 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-21 19:53 - 2020-12-21 19:53 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-21 19:53 - 2020-12-21 19:53 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-21 19:52 - 2020-12-21 19:52 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-21 19:52 - 2020-12-21 19:52 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-21 19:52 - 2020-12-21 19:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-21 19:52 - 2020-12-21 19:52 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-21 19:52 - 2020-12-21 19:52 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-21 19:51 - 2020-12-21 19:51 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-21 19:51 - 2020-12-21 19:51 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-21 19:51 - 2020-12-21 19:51 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-21 19:51 - 2020-12-21 19:51 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-21 19:51 - 2020-12-21 19:51 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-21 19:51 - 2020-12-21 19:51 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-21 19:50 - 2020-12-21 19:50 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-19 16:36 - 2020-12-19 16:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-19 16:22 - 2020-12-19 16:22 - 000000000 ____D C:\Users\Tibor\AppData\Local\OneDrive

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-22 13:47 - 2019-10-14 19:51 - 000000000 ____D C:\FRST
2020-12-22 13:42 - 2020-10-08 18:51 - 000000000 ____D C:\Users\Tibor\AppData\Roaming\Spotify
2020-12-22 13:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-22 13:40 - 2020-10-08 18:52 - 000000000 ____D C:\ProgramData\Avast Software
2020-12-22 13:39 - 2020-10-08 18:45 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-22 13:39 - 2020-10-08 18:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-22 13:39 - 2018-01-26 16:54 - 000000000 ____D C:\Users\Tibor\AppData\LocalLow\Mozilla
2020-12-22 13:38 - 2020-10-08 18:52 - 000000000 ____D C:\Users\Tibor\AppData\Local\Spotify
2020-12-22 13:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-22 13:34 - 2019-12-07 10:14 - 000000176 _____ C:\WINDOWS\win.ini
2020-12-22 13:31 - 2020-10-08 18:55 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-22 13:31 - 2020-10-08 17:18 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-22 13:30 - 2020-11-02 11:14 - 000000000 ____D C:\Program Files (x86)\Steam
2020-12-22 13:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-22 13:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-22 13:25 - 2020-10-08 16:53 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-22 13:25 - 2015-09-17 16:40 - 000000000 __SHD C:\Users\Tibor\IntelGraphicsProfiles
2020-12-22 13:23 - 2020-10-08 16:54 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-22 13:23 - 2020-10-08 16:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-22 13:23 - 2020-09-20 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-21 22:25 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-21 22:22 - 2020-10-08 16:41 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-21 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-21 22:02 - 2020-10-08 16:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-21 20:53 - 2020-10-08 18:42 - 000000000 ____D C:\Users\Tibor\AppData\Local\PlaceholderTileLogoFolder
2020-12-21 20:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-21 19:50 - 2020-10-17 18:14 - 000004158 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1602954829
2020-12-21 19:50 - 2020-10-17 18:13 - 000001409 _____ C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-12-19 16:41 - 2020-09-14 09:03 - 000000000 ___HD C:\$WinREAgent
2020-12-19 16:38 - 2020-10-10 19:01 - 000000000 ____D C:\Users\Tibor\AppData\Local\CrashDumps
2020-12-19 16:35 - 2020-10-14 21:14 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 16:35 - 2020-10-14 21:14 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-19 16:35 - 2020-10-14 21:14 - 000002286 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-12 21:46 - 2020-10-08 19:03 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-12 21:44 - 2020-10-08 19:01 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-12 21:40 - 2020-10-14 21:14 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-12 21:40 - 2020-10-14 21:14 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-12 21:39 - 2020-10-08 19:03 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-12 21:39 - 2020-10-08 19:03 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-12 21:32 - 2020-10-08 18:01 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2813316739-561623387-2885406294-1001
2020-12-12 21:32 - 2020-10-08 17:05 - 000002355 _____ C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 21:32 - 2015-09-17 16:48 - 000000000 ___RD C:\Users\Tibor\OneDrive
2020-11-24 19:29 - 2020-11-12 23:53 - 000003220 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-11-24 19:29 - 2020-10-17 18:14 - 000003726 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1602954848
2020-11-24 19:29 - 2020-10-08 18:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-24 16:08 - 2020-10-08 18:54 - 000518680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

T-Bag · #2 Příspěvek od **T-Bag** » 22 pro 2020 14:06

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Tibor (22-12-2020 13:56:35)
Running from C:\Users\Tibor\Downloads
Windows 10 Home Version 2004 19041.685 (X64) (2020-10-08 16:31:48)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2813316739-561623387-2885406294-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2813316739-561623387-2885406294-503 - Limited - Disabled)
Guest (S-1-5-21-2813316739-561623387-2885406294-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2813316739-561623387-2885406294-1003 - Limited - Enabled)
Tibor (S-1-5-21-2813316739-561623387-2885406294-1001 - Administrator - Enabled) => C:\Users\Tibor
WDAGUtilityAccount (S-1-5-21-2813316739-561623387-2885406294-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS USB-AC51 WLAN Card Utilities & Driver (HKLM-x32\...\{DDEA12A2-E130-4318-ABE3-8D4E20367E66}) (Version: 1.0.1.6 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
Excel (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Kingo ROOT version 1.5.8.3353 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.8.3353 - Kingosoft Technology Ltd.)
KingRoot °ć±ľ 3.5.0.1157 (HKLM-x32\...\{FA3B7324-9EB4-4ADC-84D0-5461BE113832}_is1) (Version: 3.5.0.1157 - KingRoot)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 84.0 (x64 sk) (HKLM\...\Mozilla Firefox 84.0 (x64 sk)) (Version: 84.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0.1 - Mozilla)
Opera Stable 73.0.3856.284 (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Outlook (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ovládací panel NVIDIA 416.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.34 - NVIDIA Corporation) Hidden
PowerPoint (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\Spotify) (Version: 1.1.48.625.g1c87c7f7 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vysor (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\vysor) (Version: 3.1.4 - Vysor Inc.)
Web Companion (HKLM-x32\...\{edb94bca-af20-42be-8ba0-ce1c4b9f44b6}) (Version: 7.0.2388.4219 - Lavasoft)
Word (HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-22] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-10-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-10-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-10-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-10-08] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\Tibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2020-10-08 20:19 - 2020-10-08 20:19 - 013053440 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\avcodec-58.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 002290176 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\avformat-58.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 000521728 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\avutil-56.dll
2017-09-10 20:08 - 2020-10-08 20:19 - 000065024 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\cares.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 000145408 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\swresample-3.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 000570880 _____ () [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\swscale-5.dll
2020-12-22 13:34 - 2014-03-05 14:47 - 001069056 _____ (Cisco Systems, Inc.) [File not signed] C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\CiscoEapFast.dll
2018-04-02 18:21 - 2020-10-08 20:19 - 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\libcurl.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\libcrypto-1_1.dll
2020-10-08 20:19 - 2020-10-08 20:19 - 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\libssl-1_1.dll
2017-09-25 15:30 - 2020-10-08 20:19 - 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Windows.old\Users\Tibor\AppData\Local\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2813316739-561623387-2885406294-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://securesearch.org/homepage?hp=2&pId=BT170603&iDate=2020-10-10 06:06:17&bName=
SearchScopes: HKU\S-1-5-21-2813316739-561623387-2885406294-1001 -> {993F5746-4C15-42BC-99C1-064A1764271B} URL = hxxps://securesearch.org?q={searchTerms}

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2813316739-561623387-2885406294-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2813316739-561623387-2885406294-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tibor\Documents\MOJE\grafika\LP\soul.jpg
DNS Servers: 195.146.132.59 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7D061C90-3D70-4853-BC4F-CB0757CB07E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B94FB95A-5ED4-4F7F-B90E-7E373746DC44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4514E595-D995-4ADC-9B27-4BC0E1EC392D}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{56AF6791-032A-41CE-8005-848FCE3D2AAF}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ABF101A4-E343-4D02-84FA-D58462CD7BFE}] => (Allow) C:\Users\Tibor\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{1E39254B-279B-4B5C-9959-699BA214E8C1}] => (Allow) C:\Users\Tibor\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{83CC309D-80BC-4D38-9EE8-E3FF3CD8B19C}] => (Allow) C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{3D615B81-5A2E-476E-8D52-5C83E9F92BA2}] => (Allow) C:\Users\Tibor\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{11C1E296-10F3-47D9-B5A2-322A41684285}C:\users\tibor\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{86F37B8D-1EF8-4A42-A9CA-643D1249B97E}C:\users\tibor\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{0BA363F4-62B2-4C84-B16D-EC5C46A054D3}C:\users\tibor\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\tibor\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{33C46E11-A8AD-4E9C-8ADF-A9DD8C1CA830}C:\users\tibor\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\tibor\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{7F066300-1C7F-42D9-9A9C-EC1C61AE2C05}C:\program files (x86)\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe => No File
FirewallRules: [UDP Query User{9004CE0D-E594-480E-ABFF-47151985196F}C:\program files (x86)\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base82169\heroesofthestorm_x64.exe => No File
FirewallRules: [TCP Query User{4D9B21A7-1930-45B8-BE3C-FBEC70B247F5}C:\users\tibor\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{3ABB7685-3F53-41E6-9D4C-B2777A8538DA}C:\users\tibor\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [{8A3EF0EB-F258-43B4-AFB7-D23851E1B3C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BAF879E4-1578-46C4-85D3-4C7AB8209160}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3AAE6F48-B024-4461-AF21-6B372F84E4DF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{603BD7EC-9D9D-441D-B4B0-2CB1146A1310}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{7D590BFA-7FE9-408B-AE4F-DBB79CCFA016}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{6ECDA67D-C114-4382-B72E-B6548EEE6F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{4AEADD62-041D-4640-9B55-0C0FE50810B3}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BC1476A9-595F-449C-9BFF-A81F2749C737}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{40073C69-A303-4786-BA7F-07147345508B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{122116D3-C3F6-4FFD-9B33-5F0E5BBA680C}C:\users\tibor\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{DA347C06-DD82-4893-AE94-7A4668BB45E2}C:\users\tibor\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{1EBCB1DE-EB40-46F7-92E0-11C849332B25}C:\users\tibor\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\tibor\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [UDP Query User{F4D4D39F-3342-4F41-AF8F-95C986D1F97F}C:\users\tibor\appdata\local\vysor\app-3.1.4\vysor.exe] => (Allow) C:\users\tibor\appdata\local\vysor\app-3.1.4\vysor.exe (Vysor Inc.) [File not signed]
FirewallRules: [{F986030F-3CC3-4764-B732-035712306A3A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D7C953A4-4BA4-4D50-A602-4CB80F257F33}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{863B6AF8-BB34-4FD8-A186-E23A4D3B4359}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{147AC631-9CC8-4119-8E72-B53F90B7A9EE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C3F1F020-0828-4A85-A208-BC33C34E6A8D}C:\users\tibor\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{723A9B87-3011-426B-811C-46E8152F8859}C:\users\tibor\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{30F1AF5E-0CEE-4E10-858E-6276F0BBD4E1}C:\users\tibor\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{406F9982-70F7-41D6-BBEE-5B2E45CE4F3A}C:\users\tibor\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Allow) C:\users\tibor\appdata\local\programs\opera\72.0.3815.400\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{04BAE72E-3F48-4F9E-A681-BE89EA56ED07}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{9ACFACCF-D812-407B-B7DD-BA7257ADE726}C:\users\tibor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tibor\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EFEEF5D2-DAA5-49F3-A490-A10D0C3D14BB}] => (Allow) C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaMediaServer.exe (Ralink) [File not signed]
FirewallRules: [{AC93B3F2-AEF4-4415-A2ED-7A59F505CFBB}] => (Allow) C:\Program Files (x86)\ASUS\USB-AC51 WLAN Card Utilities\Common\RaMediaServer.exe (Ralink) [File not signed]

==================== Restore Points =========================

19-11-2020 17:44:23 Scheduled Checkpoint
19-12-2020 16:34:34 Inštalátor modulov systému Windows
21-12-2020 19:24:49 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2020 07:20:12 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (12/21/2020 07:20:12 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/19/2020 04:38:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: GameBar.exe, verzia: 5.420.11102.0, časová značka: 0x5faaa7cb
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.572, časová značka: 0x1183946c
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b65c
Identifikácia chybujúceho procesu: 0x1e10
Čas spustenia chybujúcej aplikácie: 0x01d6d619fa5ecbc2
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 25fa3b13-e5d8-4cc1-a88a-86eed5d97649
Celé meno chybujúceho balíka: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/19/2020 04:34:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20112.68.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ef4

Start Time: 01d6d61c4a44696c

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 573ffff4-f518-4330-aacc-dd3888bc5e39

Faulting package full name: Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Activation

Error: (12/12/2020 11:37:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Záloha (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/12/2020 11:37:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Acer (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/12/2020 09:32:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: GameBar.exe, verzia: 5.420.11102.0, časová značka: 0x5faaa7cb
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.572, časová značka: 0x1183946c
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b65c
Identifikácia chybujúceho procesu: 0x3180
Čas spustenia chybujúcej aplikácie: 0x01d6d0c5be456f5f
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 8d7612dd-3048-48a0-ac99-869613cacff3
Celé meno chybujúceho balíka: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/20/2020 06:49:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Záloha (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

System errors:
=============
Error: (12/22/2020 01:38:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Function Discovery Resource Publication bola ukončená s nasledujúcou chybou:
%%2147952449 = The requested address is not valid in its context.

Error: (12/21/2020 10:25:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Search bola ukončená s nasledujúcou chybou:
A system shutdown is in progress.

Error: (12/21/2020 10:25:10 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/21/2020 10:24:57 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (12/21/2020 10:24:54 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/21/2020 10:20:39 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (12/12/2020 09:33:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/12/2020 09:33:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).

CodeIntegrity:
===================================

Date: 2020-12-22 13:41:14.3620000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:41:14.2680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:41:14.1630000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:41:14.0310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:30:06.3370000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:30:06.3190000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:30:06.2920000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-22 13:28:28.3160000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.11 04/20/2015
Motherboard: Acer ZORO_BH
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 56%
Total physical RAM: 8106.7 MB
Available physical RAM: 3504.25 MB
Total Virtual: 9386.7 MB
Available Virtual: 4124.93 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:814.21 GB) (Free:342.88 GB) NTFS
Drive f: (Záloha) (Fixed) (Total:100 GB) (Free:25.38 GB) NTFS

\\?\Volume{1306b144-0e03-49b6-aed4-69658cf79121}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.28 GB) NTFS
\\?\Volume{bb1b77a1-c939-4a61-b2af-a5d42064ba4d}\ (Push Button Reset) (Fixed) (Total:16.29 GB) (Free:1.82 GB) NTFS
\\?\Volume{eeb75141-f900-40d1-b25c-a3cc7b18018f}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4E2DB25E)

Partition: GPT.

==================== End of Addition.txt =======================

#3 Příspěvek od **JaRon** » 23 pro 2020 07:50

ahoj,
vycisti PC s ADWCleanerom

T-Bag · #4 Příspěvek od **T-Bag** » 23 pro 2020 16:54

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 23. 12. 2020
Čas skenovania: 16:43
Súbor denníka: ab5b29b8-4535-11eb-b9be-2c600c85c4f1.json

-Údaje o softvéri-
Verzia: 4.3.0.98
Verzia súčastí: 1.0.1130
Aktualizovať verziu balíka: 1.0.34675
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 10 (Build 19041.685)
Procesor: x64
Systém súborov: NTFS
Používateľ: TIBOR\Tibor

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 275990
Zistené hrozby: 5
Hrozby umiestnené do karantény: 0
Uplynulý čas: 6 min, 46 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-2813316739-561623387-2885406294-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}, Bez zásahu používateľa, 2160, 242794, 1.0.34675, , ame, , ,

Hodnota databázy Registry: 1
PUP.Optional.SearchYa, HKU\S-1-5-21-2813316739-561623387-2885406294-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{993F5746-4C15-42BC-99C1-064A1764271B}|DISPLAYNAME, Bez zásahu používateľa, 2160, 242794, 1.0.34675, , ame, , ,

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 3
PUP.Optional.BundleInstaller, C:\USERS\TIBOR\DOWNLOADS\UTORRENT(1).EXE, Bez zásahu používateľa, 150, 790622, 1.0.34675, , ame, , 021DB6AE2083C0DD60B343BBB78B2EA8, CDCA0C3E8950AC521395D73CFE10078AE5977827CAE5457CF18999793ED800B6
PUP.Optional.BundleInstaller, C:\USERS\TIBOR\DOWNLOADS\UTWEB_INSTALLER.EXE, Bez zásahu používateľa, 150, 790622, 1.0.34675, , ame, , 9D550A85F25EFE0B043EF1459FD434FA, 4B86168BE0E13E145AC40FA363CEBF8517B9A84C6EB64357A09A79457F515046
PUP.Optional.BundleInstaller, C:\USERS\TIBOR\DOWNLOADS\UTWEB_INSTALLER(1).EXE, Bez zásahu používateľa, 150, 790622, 1.0.34675, , ame, , B7F8111075D03C1B357B9E98D48289EB, 62B560EDC86F21755BE4C295D94B657D7AF29A0C949B1D8364A223B999D106E4

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)

(end)

#5 Příspěvek od **JaRon** » 23 pro 2020 19:17

Najdene nechaj odstranita napis, ci je to stale pomale?

T-Bag · #6 Příspěvek od **T-Bag** » 24 pro 2020 11:00

pomohlo to celkom výrazne, ešte som to prebehol ccleanerom.

#7 Příspěvek od **JaRon** » 24 pro 2020 12:29

Fajn, pekne sviatky

VIRY.CZ

Preventívka pomalý ntb

Preventívka pomalý ntb

Re: Preventívka pomalý ntb

Re: Preventívka pomalý ntb

Re: Preventívka pomalý ntb

Re: Preventívka pomalý ntb

Re: Preventívka pomalý ntb

Re: Preventívka pomalý ntb